Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
kasperskyKaspersky LabKLA11814
HistorySep 06, 2020 - 12:00 a.m.

KLA11814 Use after free vulnerability in Adobe Flash Player

2020-09-0600:00:00
Kaspersky Lab
threats.kaspersky.com
15
adobe flash player
use after free
cve-2020-9633
arbitrary code execution
security update

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

8.1

Confidence

Low

EPSS

0.011

Percentile

84.6%

JSON

Use after free vulnerability was found in Adobe Flash Player. Malicious users can exploit this vulnerability to execute arbitrary code.

Original advisories

APSB20-30

Related products

Adobe-Flash-Player-ActiveX

Adobe-Flash-Player-NPAPI

Adobe-Flash-Player-PPAPI

CVE list

CVE-2020-9633 critical

Solution

Update to the latest version

Flash Player Download Center

Impacts

  • ACE

Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.

Affected Products

  • Adobe Flash Player earlier than 32.0.0.387

Related

nessus 6
ubuntucve 1
openvas 8
mageia 1
redhat 1
adobe 1
nvd 1
redhatcve 1
mscve 1
freebsd 1
gentoo 1
prion 1
cvelist 1
cve 1
thn 1
malwarebytes 1
threatpost 2
nessus
nessus
KB4561600: Security update for Adobe Flash Player (June 2020)
2020-06-09 00:00:00
Adobe Flash Player for Mac <= 32.0.0.371 (APSB20-30)
2020-06-09 00:00:00
GLSA-202006-09 : Adobe Flash Player: Arbitrary code execution
2020-06-17 00:00:00
ubuntucve
ubuntucve
CVE-2020-9633
2020-06-12 00:00:00
openvas
openvas
Adobe Flash Player Microsoft Edge and Internet Explorer Security Update (APSB20-30) - Windows
2020-06-10 00:00:00
Adobe Flash Player Security Update (APSB20-30) - Linux
2020-06-10 00:00:00
Adobe Flash Player Security Update (APSB20-30) - Mac OS X
2020-06-10 00:00:00
mageia
mageia
Updated flash-player-plugin packages fix security vulnerability
2020-06-15 10:54:40
redhat
redhat
(RHSA-2020:2547) Critical: flash-plugin security update
2020-06-15 09:27:32
adobe
adobe
APSB20-30 Security updates available for Adobe Flash Player
2020-06-09 00:00:00
nvd
nvd
CVE-2020-9633
2020-06-12 14:15:11
redhatcve
redhatcve
CVE-2020-9633
2020-06-09 20:55:01
mscve
mscve
June 2020 Adobe Flash Security Update
2020-06-09 07:00:00
freebsd
freebsd
Flash Player -- arbitrary code execution
2020-06-09 00:00:00
gentoo
gentoo
Adobe Flash Player: Arbitrary code execution
2020-06-13 00:00:00
prion
prion
Double free
2020-06-12 14:15:00
cvelist
cvelist
CVE-2020-9633
2020-06-12 13:17:20
cve
cve
CVE-2020-9633
2020-06-12 14:15:11
thn
thn
Microsoft Releases June 2020 Security Patches For 129 Vulnerabilities
2020-06-09 18:14:00
malwarebytes
malwarebytes
Insights into your unpatched vulnerabilities
2023-12-11 10:17:48
threatpost
threatpost
Adobe Warns of Critical Flaws in Flash Player, Framemaker
2020-06-09 15:27:28
Microsoft June Patch Tuesday Fixes 129 Flaws in Largest-Ever Update
2020-06-09 19:28:54

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

8.1

Confidence

Low

EPSS

0.011

Percentile

84.6%

JSON
Related for KLA11814
nessus6ubuntucve1openvas8mageia1redhat1adobe1nvd1redhatcve1mscve1freebsd1gentoo1prion1cvelist1cve1thn1malwarebytes1threatpost2