Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusTenable8376.PRM
HistorySep 10, 2014 - 12:00 a.m.

Adobe AIR < 15.0.0.249 Multiple Vulnerabilities (APSB14-21)

2014-09-1000:00:00
Tenable
www.tenable.com
9

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.973 High

EPSS

Percentile

99.9%

JSON

Versions of Adobe AIR earlier than 15.0.0.249 are unpatched for the following vulnerabilities :

  • Unspecified memory corruption issues exist that allow arbitrary code execution. (CVE-2014-0547, CVE-2014-0549, CVE-2014-0550, CVE-2014-0551, CVE-2014-0552, CVE-2014-0555)
  • An unspecified error exists that allows cross-origin policy violations. (CVE-2014-0548)
  • A use-after-free error exists that allows arbitrary code execution. (CVE-2014-0553)
  • An unspecified error exists that allows an unspecified security bypass. (CVE-2014-0554)
  • Unspecified errors exist that allow memory leaks leading to easier defeat of memory address randomization. (CVE-2014-0557)
  • Heap-based buffer overflow errors exist that allow arbitrary code execution. (CVE-2014-0556, CVE-2014-0559)
Binary data 8376.prm
VendorProductVersionCPE
adobeaircpe:/a:adobe:air

Related

nessus 14
redhat 1
mageia 1
suse 3
gentoo 1
openvas 9
freebsd 1
cve 12
prion 12
nvd 12
ubuntucve 12
cvelist 12
checkpoint_advisories 12
canvas 1
packetstorm 2
zdt 2
metasploit 1
hackerone 3
googleprojectzero 6
exploitdb 1
threatpost 1
nessus
nessus
Flash Player <= 14.0.0.179 Multiple Vulnerabilities (APSB14-21)
2014-09-10 00:00:00
openSUSE Security Update : flash-player (openSUSE-SU-2014:1110-1)
2014-09-11 00:00:00
MS KB2987114: Update for Vulnerabilities in Adobe Flash Player in Internet Explorer
2014-09-10 00:00:00
redhat
redhat
(RHSA-2014:1173) Critical: flash-plugin security update
2014-09-10 00:00:00
mageia
mageia
Updated flash-player-plugin packages fix multiple security vulnerabilities
2014-09-22 12:31:24
suse
suse
update flash-player to 11.2.202.40 (important)
2014-09-16 01:04:20
flash-player to 11.2.202.40 (important)
2014-09-10 17:04:13
Security update for flash-player (important)
2014-09-13 01:04:17
gentoo
gentoo
Adobe Flash Player: Multiple vulnerabilities
2014-09-19 00:00:00
openvas
openvas
Adobe Flash Player Multiple Vulnerabilities-01 (Sep 2014) - Windows
2014-09-12 00:00:00
Adobe AIR Multiple Vulnerabilities-01 (Sep 2014) - Windows
2014-09-12 00:00:00
openSUSE: Security Advisory for update (openSUSE-SU-2014:1130-1)
2014-09-16 00:00:00
freebsd
freebsd
Flash player -- Multiple security vulnerabilities in www/linux-*-flashplugin11
2014-09-09 00:00:00
cve
cve
CVE-2014-0550
2014-09-10 01:55:07
CVE-2014-0551
2014-09-10 01:55:07
CVE-2014-0552
2014-09-10 01:55:08
prion
prion
Memory corruption
2014-09-10 01:55:00
Memory corruption
2014-09-10 01:55:00
Memory corruption
2014-09-10 01:55:00
nvd
nvd
CVE-2014-0547
2014-09-10 01:55:06
CVE-2014-0551
2014-09-10 01:55:07
CVE-2014-0555
2014-09-10 01:55:08
ubuntucve
ubuntucve
CVE-2014-0555
2014-09-10 00:00:00
CVE-2014-0550
2014-09-10 00:00:00
CVE-2014-0552
2014-09-10 00:00:00
cvelist
cvelist
CVE-2014-0552
2014-09-10 01:00:00
CVE-2014-0550
2014-09-10 01:00:00
CVE-2014-0547
2014-09-10 01:00:00
checkpoint_advisories
checkpoint_advisories
Adobe Flash Player Memory Corruption (APSB14-21: CVE-2014-0552)
2014-09-21 00:00:00
Adobe Flash Player and AIR String Concatenation Integer Overflow (CVE-2014-0550)
2014-10-14 00:00:00
Adobe Flash Player Same Origin Policy Bypass (APSB14-21: CVE-2014-0548)
2015-05-11 00:00:00
canvas
canvas
Immunity Canvas: ADOBE_FLASH_COPYPIXELSTOBYTEARRAY
2014-09-10 01:55:00
packetstorm
packetstorm
Adobe Flash Player copyPixelsToByteArray Integer Overflow
2015-04-19 00:00:00
Adobe Flash 14.0.0.145 copyPixelsToByteArray() Heap Overflow
2014-09-30 00:00:00
zdt
zdt
Adobe Flash 14.0.0.145 copyPixelsToByteArray() Heap Overflow
2014-10-01 00:00:00
Adobe Flash Player copyPixelsToByteArray Integer Overflow Exploit
2015-04-19 00:00:00
metasploit
metasploit
Adobe Flash Player copyPixelsToByteArray Method Integer Overflow
2015-04-15 19:08:16
hackerone
hackerone
Internet Bug Bounty: Flash Local Sandbox Bypass
2014-09-09 20:51:19
Internet Bug Bounty: Adobe Flash Player MP4 Use-After-Free Vulnerability
2014-10-08 02:03:48
Internet Bug Bounty: Adobe Flash Player Out-of-Bound Access Vulnerability
2015-02-07 14:50:18
googleprojectzero
googleprojectzero
Exploiting CVE-2014-0556 in Flash
2014-09-23 00:00:00
The poisoned NUL byte, 2014 edition
2014-08-25 00:00:00
Significant Flash exploit mitigations are live in v18.0.0.209
2015-07-16 00:00:00
exploitdb
exploitdb
Adobe Flash Player - copyPixelsToByteArray Integer Overflow (Metasploit)
2015-04-21 00:00:00
threatpost
threatpost
Microsoft Warns of Crowti Ransomware
2014-10-29 14:20:49

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.973 High

EPSS

Percentile

99.9%

JSON
Related for 8376.PRM
nessus14redhat1mageia1suse3gentoo1openvas9freebsd1cve12prion12nvd12ubuntucve12cvelist12checkpoint_advisories12canvas1packetstorm2zdt2metasploit1hackerone3googleprojectzero6exploitdb1threatpost1