CVE-2014-0492

Name of the Vulnerable Software and Affected Versions Adobe Flash Player versions prior to 11.7.700.260 and 11.8.x and 11.9.x prior to 12.0.0.38 on Windows and Mac OS X and prior to 11.2.202.335 on Linux Adobe AIR versions prior to 4.0.0.1390 Adobe AIR SDK versions prior to 4.0.0.1390 Adobe AIR SDK & Compiler versions prior to 4.0.0.1390

Description The issue allows attackers to defeat the ASLR protection mechanism by leveraging an "address leak." This could potentially lead to exploitation.

Recommendations For Adobe Flash Player versions prior to 11.7.700.260, update to version 11.7.700.260 or later. For Adobe Flash Player versions 11.8.x and 11.9.x prior to 12.0.0.38, update to version 12.0.0.38 or later. For Adobe Flash Player prior to 11.2.202.335 on Linux, update to version 11.2.202.335 or later. For Adobe AIR versions prior to 4.0.0.1390, update to version 4.0.0.1390 or later. For Adobe AIR SDK versions prior to 4.0.0.1390, update to version 4.0.0.1390 or later. For Adobe AIR SDK & Compiler versions prior to 4.0.0.1390, update to version 4.0.0.1390 or later.