PT-2014-1330 · Adobe+3 · Flash Player+6

Published

2014-08-12

·

Updated

2017-01-07

·

CVE-2014-0538

CVSS v2.0

10

High

VectorAV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions Adobe Flash Player versions prior to 13.0.0.241 Adobe Flash Player versions 14.x prior to 14.0.0.176 Adobe AIR versions prior to 14.0.0.178 Adobe AIR SDK versions prior to 14.0.0.178 Adobe AIR SDK & Compiler versions prior to 14.0.0.178 Adobe Flash Player version 11.2.202.400 and earlier on Linux
Description A use-after-free issue allows attackers to execute arbitrary code via unspecified vectors. This affects Adobe Flash Player, Adobe AIR, Adobe AIR SDK, and Adobe AIR SDK & Compiler, enabling attackers to run arbitrary code.
Recommendations For Adobe Flash Player versions prior to 13.0.0.241, update to version 13.0.0.241 or later. For Adobe Flash Player versions 14.x prior to 14.0.0.176, update to version 14.0.0.176 or later. For Adobe AIR versions prior to 14.0.0.178, update to version 14.0.0.178 or later. For Adobe AIR SDK versions prior to 14.0.0.178, update to version 14.0.0.178 or later. For Adobe AIR SDK & Compiler versions prior to 14.0.0.178, update to version 14.0.0.178 or later. For Adobe Flash Player version 11.2.202.400 and earlier on Linux, update to a version later than 11.2.202.400.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Related Identifiers

ALT-PU-2014-2010
BDU:2015-00190
BDU:2015-00247
BDU:2015-00248
CVE-2014-0538
MGASA-2014-0335
OPENSUSE-SU-2014_1020-1
OPENSUSE-SU-2014_1029-1
RHSA-2014:1051
RHSA-2014_1051
SUSE-SU-2014_1035-1

Affected Products

Alt Linux
Air
Air Sdk
Air Sdk & Compiler
Flash Player
Red Hat
Suse