CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
EPSS
Percentile
85.9%
Versions of Flash earlier than 11.7.700.260 / 12.0.0.43 are vulnerable to remote code execution, though no further details have been released by the vendor. (CVE-2014-0491)
Exploits against this vulnerability are known to be used in the wild.
Binary data 8109.prm
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0497
helpx.adobe.com/security/products/flash-player/apsb14-04.html
www.cnnvd.org.cn/vulnerability/show/cv_id/2014020035
www.securelist.com/en/blog/8177/CVE_2014_0497_a_0_day_vulnerability
www.corelan.be/index.php/2014/02/05/corelan-team-reply-to-false-allegation-made-by-kaspersky