PT-2014-1382 · Adobe+2 · Air Sdk & Compiler+5
Bilou
·
Publicado
2014-10-14
·
Atualizado
2021-11-10
·
CVE-2014-0569
CVSS v2.0
10
Alta
| Vetor | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Adobe Flash Player versions prior to 13.0.0.250
Adobe Flash Player versions 14.x
Adobe Flash Player versions prior to 15.0.0.189
Adobe Flash Player version 11.2.202.411 and earlier on Linux
Adobe AIR versions prior to 15.0.0.293
Adobe AIR SDK versions prior to 15.0.0.302
Adobe AIR SDK & Compiler versions prior to 15.0.0.302
Description
The issue allows attackers to execute arbitrary code via unspecified vectors due to an integer overflow. This can be exploited by attackers to gain unauthorized access and control over affected systems. The estimated number of potentially affected devices and details about real-world incidents are not provided.
Recommendations
For Adobe Flash Player versions prior to 13.0.0.250, update to version 13.0.0.250 or later.
For Adobe Flash Player versions 14.x, update to version 15.0.0.189 or later.
For Adobe Flash Player versions prior to 15.0.0.189, update to version 15.0.0.189 or later.
For Adobe Flash Player version 11.2.202.411 and earlier on Linux, update to version 11.2.202.411 or later.
For Adobe AIR versions prior to 15.0.0.293, update to version 15.0.0.293 or later.
For Adobe AIR SDK versions prior to 15.0.0.302, update to version 15.0.0.302 or later.
For Adobe AIR SDK & Compiler versions prior to 15.0.0.302, update to version 15.0.0.302 or later.
Exploit
Correção
Integer Overflow
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Air
Air Sdk
Air Sdk & Compiler
Flash Player
Red Hat
Suse