PT-2014-1382 · Adobe+2 · Air Sdk & Compiler+5
Bilou
·
Published
2014-10-14
·
Updated
2021-11-10
·
CVE-2014-0569
CVSS v2.0
10
High
| Vector | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Adobe Flash Player versions prior to 13.0.0.250
Adobe Flash Player versions 14.x
Adobe Flash Player versions prior to 15.0.0.189
Adobe Flash Player version 11.2.202.411 and earlier on Linux
Adobe AIR versions prior to 15.0.0.293
Adobe AIR SDK versions prior to 15.0.0.302
Adobe AIR SDK & Compiler versions prior to 15.0.0.302
Description
The issue allows attackers to execute arbitrary code via unspecified vectors due to an integer overflow. This can be exploited by attackers to gain unauthorized access and control over affected systems. The estimated number of potentially affected devices and details about real-world incidents are not provided.
Recommendations
For Adobe Flash Player versions prior to 13.0.0.250, update to version 13.0.0.250 or later.
For Adobe Flash Player versions 14.x, update to version 15.0.0.189 or later.
For Adobe Flash Player versions prior to 15.0.0.189, update to version 15.0.0.189 or later.
For Adobe Flash Player version 11.2.202.411 and earlier on Linux, update to version 11.2.202.411 or later.
For Adobe AIR versions prior to 15.0.0.293, update to version 15.0.0.293 or later.
For Adobe AIR SDK versions prior to 15.0.0.302, update to version 15.0.0.302 or later.
For Adobe AIR SDK & Compiler versions prior to 15.0.0.302, update to version 15.0.0.302 or later.
Exploit
Fix
Integer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Air
Air Sdk
Air Sdk & Compiler
Flash Player
Red Hat
Suse