Lucene search

AdobeCVE-2014-0532

HistoryJun 11, 2014 - 10:57 a.m.

CVE-2014-0532

2014-06-1110:57:17

CWE-79

adobe

web.nvd.nist.gov

cve-2014-0532

cross-site scripting

xss

adobe flash player

vulnerability

nvd

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.6

Confidence

High

EPSS

0.003

Percentile

70.2%

JSON

Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows and OS X and before 11.2.202.378 on Linux, Adobe AIR before 14.0.0.110, Adobe AIR SDK before 14.0.0.110, and Adobe AIR SDK & Compiler before 14.0.0.110 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2014-0531 and CVE-2014-0533.

Affected configurations

Nvd

Node

adobeadobe_air_sdkRange≤13.0.0.111

adobeadobe_air_sdkMatch13.0.0.83

Node

adobeadobe_airRange≤13.0.0.111

adobeadobe_airMatch13.0.0.83

Node

adobeflash_playerRange≤13.0.0.214

adobeflash_playerMatch13.0.0.182

adobeflash_playerMatch13.0.0.201

adobeflash_playerMatch13.0.0.206

AND

applemac_os_x

microsoftwindows

Node

adobeflash_playerRange≤11.2.202.359

adobeflash_playerMatch11.2.202.223

adobeflash_playerMatch11.2.202.228

adobeflash_playerMatch11.2.202.233

adobeflash_playerMatch11.2.202.235

adobeflash_playerMatch11.2.202.236

adobeflash_playerMatch11.2.202.238

adobeflash_playerMatch11.2.202.243

adobeflash_playerMatch11.2.202.251

adobeflash_playerMatch11.2.202.258

adobeflash_playerMatch11.2.202.261

adobeflash_playerMatch11.2.202.262

adobeflash_playerMatch11.2.202.270

adobeflash_playerMatch11.2.202.273

adobeflash_playerMatch11.2.202.275

adobeflash_playerMatch11.2.202.280

adobeflash_playerMatch11.2.202.285

adobeflash_playerMatch11.2.202.291

adobeflash_playerMatch11.2.202.297

adobeflash_playerMatch11.2.202.310

adobeflash_playerMatch11.2.202.332

adobeflash_playerMatch11.2.202.335

adobeflash_playerMatch11.2.202.336

adobeflash_playerMatch11.2.202.341

adobeflash_playerMatch11.2.202.346

adobeflash_playerMatch11.2.202.350

adobeflash_playerMatch11.2.202.356

AND

linuxlinux_kernel

VendorProductVersionCPE
adobeadobe_air_sdk*cpe:2.3:a:adobe:adobe_air_sdk:*:*:*:*:*:*:*:*
adobeadobe_air_sdk13.0.0.83cpe:2.3:a:adobe:adobe_air_sdk:13.0.0.83:*:*:*:*:*:*:*
adobeadobe_air*cpe:2.3:a:adobe:adobe_air:*:*:*:*:*:*:*:*
adobeadobe_air13.0.0.83cpe:2.3:a:adobe:adobe_air:13.0.0.83:*:*:*:*:*:*:*
adobeflash_player*cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*
adobeflash_player13.0.0.182cpe:2.3:a:adobe:flash_player:13.0.0.182:*:*:*:*:*:*:*
adobeflash_player13.0.0.201cpe:2.3:a:adobe:flash_player:13.0.0.201:*:*:*:*:*:*:*
adobeflash_player13.0.0.206cpe:2.3:a:adobe:flash_player:13.0.0.206:*:*:*:*:*:*:*
applemac_os_x*cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
microsoftwindows*cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
adobe	adobe_air_sdk	*	cpe:2.3:a:adobe:adobe_air_sdk::::::::
adobe	adobe_air_sdk	13.0.0.83	cpe:2.3:a:adobe:adobe_air_sdk:13.0.0.83:::::::*
adobe	adobe_air	*	cpe:2.3:a:adobe:adobe_air::::::::
adobe	adobe_air	13.0.0.83	cpe:2.3:a:adobe:adobe_air:13.0.0.83:::::::*
adobe	flash_player	*	cpe:2.3:a:adobe:flash_player::::::::
adobe	flash_player	13.0.0.182	cpe:2.3:a:adobe:flash_player:13.0.0.182:::::::*
adobe	flash_player	13.0.0.201	cpe:2.3:a:adobe:flash_player:13.0.0.201:::::::*
adobe	flash_player	13.0.0.206	cpe:2.3:a:adobe:flash_player:13.0.0.206:::::::*
apple	mac_os_x	*	cpe:2.3:o:apple:mac_os_x::::::::
microsoft	windows	*	cpe:2.3:o:microsoft:windows::::::::