Vulnerability CVE-2014-0515
Published: 2014-04-29

Description:
Buffer overflow in Adobe Flash Player before 11.7.700.279 and 11.8.x through 13.0.x before 13.0.0.206 on Windows and OS X, and before 11.2.202.356 on Linux, allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in April 2014.

See advisories in our WLB2 database:
Topic
Author
Date
High
Adobe Flash Player Shader Buffer Overflow
Juan vazquez
09.05.2014

Type:

CWE-119

 (Improper Restriction of Operations within the Bounds of a Memory Buffer)

CVSS2 => (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
10/10
10/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete
Affected software
Adobe -> Flash player 

 References:
http://helpx.adobe.com/security/products/flash-player/apsb14-13.html
http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00017.html
http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00000.html
http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00001.html
http://rhn.redhat.com/errata/RHSA-2014-0447.html
http://security.gentoo.org/glsa/glsa-201405-04.xml
http://www.securityfocus.com/bid/67092
http://www.securitytracker.com/id/1030155
Copyright 2024, cxsecurity.com

 

Back to Top