Lucene search
AdobeCVE-2014-0508HistoryApr 08, 2014 - 11:55 p.m.
CVE-2014-0508
2014-04-0823:55:06
CWE-264
adobe
web.nvd.nist.gov
59
4
cve-2014-0508
adobe flash player
adobe air
access restrictions
sensitive information
vulnerability
nvd
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
6
Confidence
Low
EPSS
0.005
Percentile
76.1%
Adobe Flash Player before 11.7.700.275 and 11.8.x through 13.0.x before 13.0.0.182 on Windows and OS X and before 11.2.202.350 on Linux, Adobe AIR before 13.0.0.83 on Android, Adobe AIR SDK before 13.0.0.83, and Adobe AIR SDK & Compiler before 13.0.0.83 allow attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors.
Affected configurations
Node
adobeadobe_air_sdkRange≤4.0.0.1628
ORadobeadobe_air_sdkMatch3.0.0.4080
ORadobeadobe_air_sdkMatch3.1.0.488
ORadobeadobe_air_sdkMatch3.2.0.2070
ORadobeadobe_air_sdkMatch3.3.0.3650
ORadobeadobe_air_sdkMatch3.3.0.3690
ORadobeadobe_air_sdkMatch3.4.0.2540
ORadobeadobe_air_sdkMatch3.4.0.2710
ORadobeadobe_air_sdkMatch3.5.0.600
ORadobeadobe_air_sdkMatch3.5.0.880
ORadobeadobe_air_sdkMatch3.5.0.890
ORadobeadobe_air_sdkMatch3.5.0.1060
ORadobeadobe_air_sdkMatch3.6.0.599
ORadobeadobe_air_sdkMatch3.6.0.6090
ORadobeadobe_air_sdkMatch3.7.0.1530
ORadobeadobe_air_sdkMatch3.7.0.1860
ORadobeadobe_air_sdkMatch3.7.0.2090
ORadobeadobe_air_sdkMatch3.8.0.870
ORadobeadobe_air_sdkMatch3.8.0.910
ORadobeadobe_air_sdkMatch3.8.0.1430
ORadobeadobe_air_sdkMatch3.9.0.1030
ORadobeadobe_air_sdkMatch3.9.0.1210
ORadobeadobe_air_sdkMatch3.9.0.1380
ORadobeadobe_air_sdkMatch4.0.0.1390
Node
adobeadobe_airRange≤4.0.0.1390
ORadobeadobe_airMatch1.0
ORadobeadobe_airMatch1.0.1
ORadobeadobe_airMatch1.0.8.4990
ORadobeadobe_airMatch1.0.4990
ORadobeadobe_airMatch1.1
ORadobeadobe_airMatch1.1.0.5790
ORadobeadobe_airMatch1.5
ORadobeadobe_airMatch1.5.0.7220
ORadobeadobe_airMatch1.5.1
ORadobeadobe_airMatch1.5.1.8210
ORadobeadobe_airMatch1.5.2
ORadobeadobe_airMatch1.5.3
ORadobeadobe_airMatch1.5.3.9120
ORadobeadobe_airMatch1.5.3.9130
ORadobeadobe_airMatch2.0.2
ORadobeadobe_airMatch2.0.2.12610
ORadobeadobe_airMatch2.0.3
ORadobeadobe_airMatch2.0.3.13070
ORadobeadobe_airMatch2.0.4
ORadobeadobe_airMatch2.5.0.16600
ORadobeadobe_airMatch2.5.1.17730
ORadobeadobe_airMatch2.6
ORadobeadobe_airMatch2.6.0.19120
ORadobeadobe_airMatch2.6.0.19140
ORadobeadobe_airMatch2.7
ORadobeadobe_airMatch2.7.0.1948
ORadobeadobe_airMatch2.7.0.1953
ORadobeadobe_airMatch2.7.0.19480
ORadobeadobe_airMatch2.7.0.19530
ORadobeadobe_airMatch2.7.1
ORadobeadobe_airMatch2.7.1.19610
ORadobeadobe_airMatch3.0.0.408
ORadobeadobe_airMatch3.0.0.4080
ORadobeadobe_airMatch3.1.0.485
ORadobeadobe_airMatch3.1.0.488
ORadobeadobe_airMatch3.1.0.4880
ORadobeadobe_airMatch3.2.0.207
ORadobeadobe_airMatch3.2.0.2070
ORadobeadobe_airMatch3.3.0.3670
ORadobeadobe_airMatch3.4.0.2540
ORadobeadobe_airMatch3.4.0.2710
ORadobeadobe_airMatch3.5.0.600
ORadobeadobe_airMatch3.5.0.880
ORadobeadobe_airMatch3.5.0.890
ORadobeadobe_airMatch3.5.0.1060
ORadobeadobe_airMatch3.6.0.597
ORadobeadobe_airMatch3.6.0.6090
ORadobeadobe_airMatch3.7.0.1530
ORadobeadobe_airMatch3.7.0.1860
ORadobeadobe_airMatch3.7.0.2090
ORadobeadobe_airMatch3.8.0.870
ORadobeadobe_airMatch3.8.0.910
ORadobeadobe_airMatch3.9.0.1030
ORadobeadobe_airMatch3.9.0.1060
ORadobeadobe_airMatch3.9.0.1210
ORadobeadobe_airMatch3.9.0.1380
Node
adobeflash_playerRange≤11.2.202.346
ORadobeflash_playerMatch11.0
ORadobeflash_playerMatch11.0.1.152
ORadobeflash_playerMatch11.0.1.153
ORadobeflash_playerMatch11.1
ORadobeflash_playerMatch11.1.102.55
ORadobeflash_playerMatch11.1.102.59
ORadobeflash_playerMatch11.1.102.62
ORadobeflash_playerMatch11.1.102.63
ORadobeflash_playerMatch11.1.111.8
ORadobeflash_playerMatch11.1.111.44
ORadobeflash_playerMatch11.1.111.50
ORadobeflash_playerMatch11.1.111.54
ORadobeflash_playerMatch11.1.115.7
ORadobeflash_playerMatch11.1.115.34
ORadobeflash_playerMatch11.1.115.48
ORadobeflash_playerMatch11.1.115.54
ORadobeflash_playerMatch11.1.115.58
ORadobeflash_playerMatch11.2.202.223
ORadobeflash_playerMatch11.2.202.228
ORadobeflash_playerMatch11.2.202.233
ORadobeflash_playerMatch11.2.202.235
ORadobeflash_playerMatch11.2.202.236
ORadobeflash_playerMatch11.2.202.238
ORadobeflash_playerMatch11.2.202.243
ORadobeflash_playerMatch11.2.202.251
ORadobeflash_playerMatch11.2.202.258
ORadobeflash_playerMatch11.2.202.261
ORadobeflash_playerMatch11.2.202.262
ORadobeflash_playerMatch11.2.202.270
ORadobeflash_playerMatch11.2.202.273
ORadobeflash_playerMatch11.2.202.275
ORadobeflash_playerMatch11.2.202.280
ORadobeflash_playerMatch11.2.202.285
ORadobeflash_playerMatch11.2.202.291
ORadobeflash_playerMatch11.2.202.297
ORadobeflash_playerMatch11.2.202.310
ORadobeflash_playerMatch11.2.202.327
ORadobeflash_playerMatch11.2.202.332
ORadobeflash_playerMatch11.2.202.335
ORadobeflash_playerMatch11.2.202.336
ORadobeflash_playerMatch11.2.202.341
linuxlinux_kernel
Node
adobeflash_playerMatch11.0
ORadobeflash_playerMatch11.0.1.152
ORadobeflash_playerMatch11.0.1.153
ORadobeflash_playerMatch11.1
ORadobeflash_playerMatch11.1.102.55
ORadobeflash_playerMatch11.1.102.59
ORadobeflash_playerMatch11.1.102.62
ORadobeflash_playerMatch11.1.102.63
ORadobeflash_playerMatch11.1.111.8
ORadobeflash_playerMatch11.1.111.44
ORadobeflash_playerMatch11.1.111.50
ORadobeflash_playerMatch11.1.111.54
ORadobeflash_playerMatch11.1.115.7
ORadobeflash_playerMatch11.1.115.34
ORadobeflash_playerMatch11.1.115.48
ORadobeflash_playerMatch11.1.115.54
ORadobeflash_playerMatch11.1.115.58
ORadobeflash_playerMatch11.2.202.223
ORadobeflash_playerMatch11.2.202.228
ORadobeflash_playerMatch11.2.202.233
ORadobeflash_playerMatch11.2.202.235
ORadobeflash_playerMatch11.2.202.236
ORadobeflash_playerMatch11.2.202.238
ORadobeflash_playerMatch11.2.202.243
ORadobeflash_playerMatch11.2.202.251
ORadobeflash_playerMatch11.2.202.258
ORadobeflash_playerMatch11.2.202.261
ORadobeflash_playerMatch11.2.202.262
ORadobeflash_playerMatch11.2.202.270
ORadobeflash_playerMatch11.2.202.273
ORadobeflash_playerMatch11.2.202.275
ORadobeflash_playerMatch11.2.202.280
ORadobeflash_playerMatch11.2.202.285
ORadobeflash_playerMatch11.3.300.257
ORadobeflash_playerMatch11.3.300.262
ORadobeflash_playerMatch11.3.300.265
ORadobeflash_playerMatch11.3.300.268
ORadobeflash_playerMatch11.3.300.270
ORadobeflash_playerMatch11.3.300.271
ORadobeflash_playerMatch11.3.300.273
ORadobeflash_playerMatch11.4.402.265
ORadobeflash_playerMatch11.4.402.278
ORadobeflash_playerMatch11.4.402.287
ORadobeflash_playerMatch11.5.502.110
ORadobeflash_playerMatch11.5.502.135
ORadobeflash_playerMatch11.5.502.136
ORadobeflash_playerMatch11.5.502.146
ORadobeflash_playerMatch11.5.502.149
ORadobeflash_playerMatch11.6.602.167
ORadobeflash_playerMatch11.6.602.168
ORadobeflash_playerMatch11.6.602.171
ORadobeflash_playerMatch11.6.602.180
ORadobeflash_playerMatch11.7.700.169
ORadobeflash_playerMatch11.7.700.202
ORadobeflash_playerMatch11.7.700.224
ORadobeflash_playerMatch11.7.700.232
ORadobeflash_playerMatch11.7.700.242
ORadobeflash_playerMatch11.7.700.252
ORadobeflash_playerMatch11.7.700.257
ORadobeflash_playerMatch11.7.700.260
ORadobeflash_playerMatch11.8.800.94
ORadobeflash_playerMatch11.8.800.97
ORadobeflash_playerMatch11.8.800.168
ORadobeflash_playerMatch11.9.900.117
ORadobeflash_playerMatch11.9.900.152
ORadobeflash_playerMatch11.9.900.170
ORadobeflash_playerMatch12.0.0.38
ORadobeflash_playerMatch12.0.0.41
ORadobeflash_playerMatch12.0.0.43
applemac_os_x
ORmicrosoftwindows
| Vendor | Product | Version | CPE |
|---|---|---|---|
| adobe | adobe_air_sdk | * | cpe:2.3:a:adobe:adobe_air_sdk:*:*:*:*:*:*:*:* |
| adobe | adobe_air_sdk | 3.0.0.4080 | cpe:2.3:a:adobe:adobe_air_sdk:3.0.0.4080:*:*:*:*:*:*:* |
| adobe | adobe_air_sdk | 3.1.0.488 | cpe:2.3:a:adobe:adobe_air_sdk:3.1.0.488:*:*:*:*:*:*:* |
| adobe | adobe_air_sdk | 3.2.0.2070 | cpe:2.3:a:adobe:adobe_air_sdk:3.2.0.2070:*:*:*:*:*:*:* |
| adobe | adobe_air_sdk | 3.3.0.3650 | cpe:2.3:a:adobe:adobe_air_sdk:3.3.0.3650:*:*:*:*:*:*:* |
| adobe | adobe_air_sdk | 3.3.0.3690 | cpe:2.3:a:adobe:adobe_air_sdk:3.3.0.3690:*:*:*:*:*:*:* |
| adobe | adobe_air_sdk | 3.4.0.2540 | cpe:2.3:a:adobe:adobe_air_sdk:3.4.0.2540:*:*:*:*:*:*:* |
| adobe | adobe_air_sdk | 3.4.0.2710 | cpe:2.3:a:adobe:adobe_air_sdk:3.4.0.2710:*:*:*:*:*:*:* |
| adobe | adobe_air_sdk | 3.5.0.600 | cpe:2.3:a:adobe:adobe_air_sdk:3.5.0.600:*:*:*:*:*:*:* |
| adobe | adobe_air_sdk | 3.5.0.880 | cpe:2.3:a:adobe:adobe_air_sdk:3.5.0.880:*:*:*:*:*:*:* |
References
helpx.adobe.com/security/products/flash-player/apsb14-09.html
lists.opensuse.org/opensuse-security-announce/2014-04/msg00012.html
lists.opensuse.org/opensuse-updates/2014-04/msg00036.html
lists.opensuse.org/opensuse-updates/2014-04/msg00050.html
rhn.redhat.com/errata/RHSA-2014-0380.html
security.gentoo.org/glsa/glsa-201405-04.xml
www.securitytracker.com/id/1030035
Social References
More
Related
ubuntucve
ubuntucve
CVE-2014-0508
2014-04-08 00:00:00
cvelist
cvelist
CVE-2014-0508
2014-04-08 21:00:00
seebug
seebug
Adobe Flash Player/AIR未明安全绕过信息泄漏漏洞
2014-04-11 00:00:00
prion
prion
Design/Logic Flaw
2014-04-08 23:55:00
checkpoint_advisories
checkpoint_advisories
Adobe Flash Player Information Disclosure (APSB14-09: CVE-2014-0508)
2014-04-10 00:00:00
hackerone
hackerone
Internet Bug Bounty: Flash local-with-fileaccess Sandbox Bypass
2014-02-21 01:47:59
nvd
nvd
CVE-2014-0508
2014-04-08 23:55:06
openvas
openvas
Adobe Flash Player Multiple Vulnerabilities - 02 (Apr 2014) - Mac OS X
2014-04-11 00:00:00
Adobe Flash Player Multiple Vulnerabilities - 02 (Apr 2014) - Windows
2014-04-11 00:00:00
Adobe Flash Player Multiple Vulnerabilities - 02 (Apr 2014) - Linux
2014-04-11 00:00:00
nessus
nessus
Adobe AIR for Mac <= 4.0.0.1628 Multiple Vulnerabilities (APSB14-09)
2014-04-09 00:00:00
redhat
redhat
(RHSA-2014:0380) Critical: flash-plugin security update
2014-04-09 00:00:00
mageia
mageia
Updated flash-player-plugin package fixes multiple vulnerabilities
2014-04-09 19:40:40
altlinux
altlinux
suse
suse
Security update for flash-player (important)
2014-04-16 19:04:49
gentoo
gentoo
Adobe Flash Player: Multiple vulnerabilities
2014-05-03 00:00:00
securityvulns
securityvulns
Adobe Flash Player multiple security vulnerabilities
2014-05-04 00:00:00
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
6
Confidence
Low
EPSS
0.005
Percentile
76.1%
Related for CVE-2014-0508