CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
EPSS
Percentile
94.0%
Versions of Flash player earlier than 14.0.0.125 (or 11.2.202.378 on Linux) are unpatched for the following vulnerabilities:
Multiple unspecified errors that could be leveraged for cross-site scripting attacks. (CVE-2014-0531, CVE-2014-0532, CVE-2014-0533)
Multiple unspecified errors that could permit unspecified security bypass attacks. (CVE-2014-0534, CVE-2014-0535)
Unspecified memory corruption issue that can be leveraged for arbitrary code execution (CVE-2014-0536)
Binary data 8294.prm
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0531
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0532
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0533
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0534
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0535
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0536
helpx.adobe.com/security/products/flash-player/apsb14-16.html