Vulnerability CVE-2014-0501


Published: 2014-02-11   Modified: 2014-02-12

Description:
Adobe Shockwave Player before 12.0.9.149 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0500.

Type:

CWE-119

(Improper Restriction of Operations within the Bounds of a Memory Buffer)

Vendor: Adobe
Product: Shockwave player 
Version:
12.0.7.148
12.0.6.147
12.0.4.144
12.0.3.133
12.0.2.122
12.0.0.112
11.6.8.638
11.6.7.637
11.6.6.636
11.6.5.635
11.6.4.634
11.6.3.633
11.6.1.629
11.6.0.626
11.5.9.620
11.5.9.615
11.5.8.612
11.5.7.609
11.5.6.606
11.5.2.602
11.5.10.620
11.5.1.601
11.5.0.596
11.5.0.595
11.0.3.471
11.0.0.456

CVSS2 => (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
10/10
10/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete

 References:
http://helpx.adobe.com/security/products/shockwave/apsb14-06.html
http://osvdb.org/103158
http://secunia.com/advisories/56740
http://www.securityfocus.com/bid/65493
http://www.securitytracker.com/id/1029740
https://exchange.xforce.ibmcloud.com/vulnerabilities/91008

Related CVE
CVE-2018-19723
Adobe Acrobat and Reader versions 2018.011.20058 and earlier, 2017.011.30099 and earlier, and 2015.006.30448 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. Note: A different vulnera...
CVE-2018-19721
Adobe Acrobat and Reader versions 2018.011.20058 and earlier, 2017.011.30099 and earlier, and 2015.006.30448 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. Note: A different vulnera...
CVE-2018-19728
Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier h...
CVE-2018-19727
Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a reflected cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure.
CVE-2018-19726
Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a stored cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure.
CVE-2018-19724
Adobe Experience Manager Forms versions 6.2, 6.3 and 6.4 have a stored cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure.
CVE-2018-19722
Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
CVE-2018-19720
Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier h...

Copyright 2019, cxsecurity.com

 

Back to Top