Lucene search

[email protected]CVE-2014-0515

HistoryApr 29, 2014 - 10:37 a.m.

CVE-2014-0515

2014-04-2910:37:03

CWE-119

[email protected]

web.nvd.nist.gov

adobe flash player

buffer overflow

cve-2014-0515

remote code execution

security vulnerability

nvd

exploit

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.9 High

AI Score

Confidence

Low

0.97 High

EPSS

Percentile

99.7%

JSON

Buffer overflow in Adobe Flash Player before 11.7.700.279 and 11.8.x through 13.0.x before 13.0.0.206 on Windows and OS X, and before 11.2.202.356 on Linux, allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in April 2014.

Affected configurations

NVD

Node

adobeflash_playerRange11.0–11.2.202.346

AND

linuxlinux_kernel

Node

adobeflash_playerRange11.0–11.7.700.279

adobeflash_playerRange11.8–13.0.0.206

AND

applemac_os_x

microsoftwindowsMatch-

CPENameOperatorVersion
adobe:flash_playeradobe flash playerlt11.2.202.346

CPE	Name	Operator	Version
adobe:flash_player	adobe flash player	lt	11.2.202.346

References

helpx.adobe.com/security/products/flash-player/apsb14-13.html

lists.opensuse.org/opensuse-security-announce/2014-04/msg00017.html

lists.opensuse.org/opensuse-security-announce/2014-05/msg00000.html

lists.opensuse.org/opensuse-security-announce/2014-05/msg00001.html

rhn.redhat.com/errata/RHSA-2014-0447.html

security.gentoo.org/glsa/glsa-201405-04.xml

www.securityfocus.com/bid/67092

www.securitytracker.com/id/1030155

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.9 High

AI Score

Confidence

Low

0.97 High

EPSS

Percentile

99.7%

JSON

CVE-2014-0515

Affected configurations

References

Related