Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveAdobeCVE-2014-0506
HistoryMar 27, 2014 - 10:55 a.m.

CVE-2014-0506

2014-03-2710:55:04
CWE-399
adobe
web.nvd.nist.gov
52
4
cve-2014-0506
adobe flash player
vulnerability
execute arbitrary code
sandbox protection
pwn2own
cansecwest 2014
nvd

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.5

Confidence

Low

EPSS

0.334

Percentile

97.1%

JSON

Use-after-free vulnerability in Adobe Flash Player before 11.7.700.275 and 11.8.x through 13.0.x before 13.0.0.182 on Windows and OS X and before 11.2.202.350 on Linux, Adobe AIR before 13.0.0.83 on Android, Adobe AIR SDK before 13.0.0.83, and Adobe AIR SDK & Compiler before 13.0.0.83 allows remote attackers to execute arbitrary code, and possibly bypass an Internet Explorer sandbox protection mechanism, via unspecified vectors, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2014.

Affected configurations

Nvd
Node
adobeflash_playerMatch12.0.0.77
AND
microsoftwindows
VendorProductVersionCPE
adobeflash_player12.0.0.77cpe:2.3:a:adobe:flash_player:12.0.0.77:*:*:*:*:*:*:*
microsoftwindows*cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*

Social References

More

Related

cvelist 1
prion 1
securityvulns 2
checkpoint_advisories 1
seebug 1
zdi 1
nvd 1
openvas 4
nessus 14
altlinux 2
suse 1
redhat 1
mageia 1
gentoo 1
cvelist
cvelist
CVE-2014-0506
2014-03-27 10:00:00
prion
prion
Design/Logic Flaw
2014-03-27 10:55:00
securityvulns
securityvulns
VUPEN Security Research - Adobe Flash ExternalInterface Use-After-Free Code Execution (Pwn2Own)
2014-05-04 00:00:00
Adobe Flash Player multiple security vulnerabilities
2014-05-04 00:00:00
checkpoint_advisories
checkpoint_advisories
Adobe Flash Player Use After Free Code Execution (APSB14-09; CVE-2014-0506)
2014-04-09 00:00:00
seebug
seebug
Adobe Flash Playerδ»»ζ„δ»£η ζ‰§θ‘ŒζΌζ΄ž
2014-03-28 00:00:00
zdi
zdi
(Pwn2Own) Adobe Flash ExternalInterface Use-After-Free Remote Code Execution Vulnerability
2014-04-11 00:00:00
nvd
nvd
CVE-2014-0506
2014-03-27 10:55:04
openvas
openvas
Adobe Flash Player Multiple Vulnerabilities - 01 (Apr 2014) - Windows
2014-04-01 00:00:00
SUSE: Security Advisory for flash-player (SUSE-SU-2014:0535-1)
2015-10-16 00:00:00
Mageia: Security Advisory (MGASA-2014-0169)
2022-01-28 00:00:00
nessus
nessus
Adobe AIR < 13.0.0.83 Multiple Vulnerabilities (APSB14-09)
2015-07-10 00:00:00
SuSE 11.3 Security Update : flash-player (SAT Patch Number 9120)
2014-04-17 00:00:00
Flash Player for Mac <= 11.7.700.272 / 12.0.0.77 Multiple Vulnerabilities (APSB14-09) (Mac OS X)
2014-04-09 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 7 package adobe-flash-player version 3:11-alt28
2014-04-15 00:00:00
Security fix for the ALT Linux 6 package adobe-flash-player version 3:11-alt28
2014-04-15 00:00:00
suse
suse
Security update for flash-player (important)
2014-04-16 19:04:49
redhat
redhat
(RHSA-2014:0380) Critical: flash-plugin security update
2014-04-09 00:00:00
mageia
mageia
Updated flash-player-plugin package fixes multiple vulnerabilities
2014-04-09 19:40:40
gentoo
gentoo
Adobe Flash Player: Multiple vulnerabilities
2014-05-03 00:00:00

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.5

Confidence

Low

EPSS

0.334

Percentile

97.1%

JSON
Related for CVE-2014-0506
cvelist1prion1securityvulns2checkpoint_advisories1seebug1zdi1nvd1openvas4nessus14altlinux2suse1redhat1mageia1gentoo1