PT-2014-1370 · Google+4 · Google Chrome+6

Published

2014-08-12

Updated

2017-01-07

CVE-2014-0544

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Adobe AIR (affected versions not specified) Adobe Pepper Flash for Google Chrome (affected versions not specified) Adobe Flash Player (affected versions not specified)

Description The issue exists due to the possibility of accessing information related to memory addresses, allowing an attacker to bypass the ASLR (Address Space Layout Randomization) protection mechanism. This can be exploited to gain unauthorized access to sensitive information.

Recommendations For Adobe AIR, at the moment, there is no information about a newer version that contains a fix for this vulnerability. For Adobe Pepper Flash for Google Chrome, at the moment, there is no information about a newer version that contains a fix for this vulnerability. For Adobe Flash Player, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-264

Related Identifiers

ALT-PU-2014-2010

BDU:2015-00231

BDU:2015-00338

BDU:2015-00339

CVE-2014-0544

MGASA-2014-0335

OPENSUSE-SU-2014_1020-1

OPENSUSE-SU-2014_1029-1

RHSA-2014:1051

RHSA-2014_1051

Affected Products

Alt Linux

Air

Flash Player

Pepper Flash

Google Chrome

Red Hat

Suse

PT-2014-1370 · Google+4 · Google Chrome+6

CVE-2014-0544

Weakness Enumeration

Related Identifiers

Affected Products

References · 63