Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2014-0538
HistoryAug 12, 2014 - 10:55 p.m.

CVE-2014-0538

2014-08-1222:55:02
[email protected]
web.nvd.nist.gov
38
cve-2014-0538
adobe flash player
vulnerability
windows
os x
linux
adobe air
arbitrary code
nvd

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.4

Confidence

Low

EPSS

0.033

Percentile

91.4%

JSON

Use-after-free vulnerability in Adobe Flash Player before 13.0.0.241 and 14.x before 14.0.0.176 on Windows and OS X and before 11.2.202.400 on Linux, Adobe AIR before 14.0.0.178 on Windows and OS X and before 14.0.0.179 on Android, Adobe AIR SDK before 14.0.0.178, and Adobe AIR SDK & Compiler before 14.0.0.178 allows attackers to execute arbitrary code via unspecified vectors.

Affected configurations

NVD
Node
adobeflash_playerRange11.2.202.394
OR
adobeflash_playerMatch11.2.202.223
OR
adobeflash_playerMatch11.2.202.228
OR
adobeflash_playerMatch11.2.202.233
OR
adobeflash_playerMatch11.2.202.235
OR
adobeflash_playerMatch11.2.202.236
OR
adobeflash_playerMatch11.2.202.238
OR
adobeflash_playerMatch11.2.202.243
OR
adobeflash_playerMatch11.2.202.251
OR
adobeflash_playerMatch11.2.202.258
OR
adobeflash_playerMatch11.2.202.261
OR
adobeflash_playerMatch11.2.202.262
OR
adobeflash_playerMatch11.2.202.270
OR
adobeflash_playerMatch11.2.202.273
OR
adobeflash_playerMatch11.2.202.275
OR
adobeflash_playerMatch11.2.202.280
OR
adobeflash_playerMatch11.2.202.285
OR
adobeflash_playerMatch11.2.202.291
OR
adobeflash_playerMatch11.2.202.297
OR
adobeflash_playerMatch11.2.202.310
OR
adobeflash_playerMatch11.2.202.332
OR
adobeflash_playerMatch11.2.202.335
OR
adobeflash_playerMatch11.2.202.336
OR
adobeflash_playerMatch11.2.202.341
OR
adobeflash_playerMatch11.2.202.346
OR
adobeflash_playerMatch11.2.202.350
OR
adobeflash_playerMatch11.2.202.356
OR
adobeflash_playerMatch11.2.202.359
OR
adobeflash_playerMatch11.2.202.378
AND
linuxlinux_kernel
Node
adobeadobe_airRange14.0.0.137
OR
adobeadobe_airMatch13.0.0.83
OR
adobeadobe_airMatch13.0.0.111
OR
adobeadobe_airMatch14.0.0.110
AND
googleandroid
Node
adobeadobe_airRange14.0.0.110
OR
adobeadobe_airMatch13.0.0.83
OR
adobeadobe_airMatch13.0.0.111
AND
applemac_os_x
OR
microsoftwindows
Node
adobeadobe_air_sdkRange14.0.0.137
OR
adobeadobe_air_sdkMatch13.0.0.83
OR
adobeadobe_air_sdkMatch13.0.0.111
OR
adobeadobe_air_sdkMatch14.0.0.110
Node
adobeflash_playerRange13.0.0.231
OR
adobeflash_playerMatch13.0.0.182
OR
adobeflash_playerMatch13.0.0.201
OR
adobeflash_playerMatch13.0.0.206
OR
adobeflash_playerMatch13.0.0.214
OR
adobeflash_playerMatch13.0.0.223
OR
adobeflash_playerMatch14.0.0.125
OR
adobeflash_playerMatch14.0.0.145
AND
applemac_os_x
OR
microsoftwindows
VendorProductVersionCPE
adobeflash_player11.2.202.261cpe:/a:adobe:flash_player:11.2.202.261:::
adobeflash_player11.2.202.341cpe:/a:adobe:flash_player:11.2.202.341:::
adobeflash_player11.2.202.238cpe:/a:adobe:flash_player:11.2.202.238:::
adobeflash_player11.2.202.346cpe:/a:adobe:flash_player:11.2.202.346:::
adobeflash_player11.2.202.233cpe:/a:adobe:flash_player:11.2.202.233:::
adobeflash_player11.2.202.258cpe:/a:adobe:flash_player:11.2.202.258:::
adobeflash_player11.2.202.223cpe:/a:adobe:flash_player:11.2.202.223:::
adobeflash_player11.2.202.270cpe:/a:adobe:flash_player:11.2.202.270:::
adobeflash_player11.2.202.350cpe:/a:adobe:flash_player:11.2.202.350:::
adobeflash_player11.2.202.243cpe:/a:adobe:flash_player:11.2.202.243:::
Rows per page:
1-10 of 291

Related

ubuntucve 1
hackerone 1
checkpoint_advisories 1
nvd 1
prion 1
cvelist 1
openvas 10
suse 3
mageia 1
nessus 12
gentoo 2
redhat 1
ubuntucve
ubuntucve
CVE-2014-0538
2014-08-12 00:00:00
hackerone
hackerone
Internet Bug Bounty: Adobe Flash Player FileReference Use-after-Free Vulnerability
2014-05-19 04:49:05
checkpoint_advisories
checkpoint_advisories
Adobe Flash Player Use After Free Code Execution (APSB14-18: CVE-2014-0538)
2014-08-19 00:00:00
nvd
nvd
CVE-2014-0538
2014-08-12 22:55:02
prion
prion
Design/Logic Flaw
2014-08-12 22:55:00
cvelist
cvelist
CVE-2014-0538
2014-08-12 22:00:00
openvas
openvas
SUSE: Security Advisory for flash-player (SUSE-SU-2014:1035-1)
2015-10-16 00:00:00
Gentoo Security Advisory GLSA 201408-05
2015-09-29 00:00:00
openSUSE: Security Advisory for update (openSUSE-SU-2014:1029-1)
2014-08-17 00:00:00
suse
suse
update for flash-player (critical)
2014-08-14 13:04:21
Security update for flash-player (important)
2014-08-19 01:04:46
update for flash-player (critical)
2014-08-16 17:04:18
mageia
mageia
Updated flash-player-plugin packages fix security vulnerabilities
2014-08-18 13:14:56
nessus
nessus
openSUSE Security Update : flash-player (openSUSE-SU-2014:1020-1)
2014-08-15 00:00:00
GLSA-201408-05 : Adobe Flash Player: Multiple vulnerabilities
2014-08-15 00:00:00
MS KB2982794: Update for Vulnerabilities in Adobe Flash Player in Internet Explorer
2014-08-12 00:00:00
gentoo
gentoo
Adobe Flash Player: Multiple vulnerabilities
2014-08-14 00:00:00
Chromium: Multiple vulnerabilities
2014-08-30 00:00:00
redhat
redhat
(RHSA-2014:1051) Critical: flash-plugin security update
2014-08-13 00:00:00

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.4

Confidence

Low

EPSS

0.033

Percentile

91.4%

JSON
Related for CVE-2014-0538
ubuntucve1hackerone1checkpoint_advisories1nvd1prion1cvelist1openvas10suse3mageia1nessus12gentoo2redhat1