CVE-2014-8442

Name of the Vulnerable Software and Affected Versions Adobe Flash Player versions prior to 13.0.0.252 Adobe Flash Player versions 14.x Adobe Flash Player versions 15.x prior to 15.0.0.223 Adobe Flash Player version 11.2.202.418 and earlier on Linux Adobe AIR versions prior to 15.0.0.356 Adobe AIR SDK versions prior to 15.0.0.356 Adobe AIR SDK & Compiler versions prior to 15.0.0.356

Description The issue allows attackers to complete a transition from Low Integrity to Medium Integrity by leveraging incorrect permissions.

Recommendations For Adobe Flash Player versions prior to 13.0.0.252, update to version 13.0.0.252 or later. For Adobe Flash Player versions 14.x, update to a version outside of the 14.x range. For Adobe Flash Player versions 15.x prior to 15.0.0.223, update to version 15.0.0.223 or later. For Adobe Flash Player version 11.2.202.418 and earlier on Linux, update to version 11.2.202.418 or later. For Adobe AIR versions prior to 15.0.0.356, update to version 15.0.0.356 or later. For Adobe AIR SDK versions prior to 15.0.0.356, update to version 15.0.0.356 or later. For Adobe AIR SDK & Compiler versions prior to 15.0.0.356, update to version 15.0.0.356 or later.