CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
EPSS
Percentile
97.3%
Versions of Flash player earlier than 14.0.0.176 are unpatched for vulnerabilities related to the flash-plugin’s processing of certain SWF content. An attacker could use these flaws to create a specially crafted SWF file that would cause flash-plugin to crash or potentially execute arbitrary code when the SWF content is loaded. (CVE-2014-0538, CVE-2014-0540, CVE-2014-0541, CVE-2014-0542, CVE-2014-0543, CVE-2014-0544, CVE-2014-0545)
Binary data 8357.prm
Vendor | Product | Version | CPE |
---|---|---|---|
adobe | flash_player | cpe:/a:adobe:flash_player |
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0538
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0540
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0541
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0542
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0543
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0544
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0545
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5333
helpx.adobe.com/security/products/flash-player/apsb14-18.html
miki.it/blog/2014/8/15/adobe-really-fixed-rosetta-flash-today/
www.scmagazine.com/adobe-addresses-three-vulnerabilities-flash-player-deemed-critical/article/359931/