PT-2014-3664 · Adobe+3 · Air Sdk & Compiler+6
Publicado
2014-02-21
·
Atualizado
2018-12-13
·
CVE-2014-0499
CVSS v2.0
7.8
Alta
| Vetor | AV:N/AC:L/Au:N/C:C/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Adobe Flash Player versions prior to 11.7.700.269 and 11.8.x through 12.0.x before 12.0.0.70
Adobe Flash Player version prior to 11.2.202.341 on Linux
Adobe AIR versions prior to 4.0.0.1628 on Android
Adobe AIR SDK versions prior to 4.0.0.1628
Adobe AIR SDK & Compiler versions prior to 4.0.0.1628
Description
The issue makes it easier for attackers to bypass the ASLR protection mechanism via unspecified vectors, as the software does not prevent access to address information.
Recommendations
For Adobe Flash Player versions prior to 11.7.700.269, update to version 11.7.700.269 or later.
For Adobe Flash Player versions 11.8.x through 12.0.x, update to version 12.0.0.70 or later.
For Adobe Flash Player on Linux, update to version 11.2.202.341 or later.
For Adobe AIR on Android, update to version 4.0.0.1628 or later.
For Adobe AIR SDK, update to version 4.0.0.1628 or later.
For Adobe AIR SDK & Compiler, update to version 4.0.0.1628 or later.
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Alt Linux
Air
Air Sdk
Air Sdk & Compiler
Flash Player
Red Hat
Suse