Lucene search

[email protected]CVE-2014-0543

HistoryAug 12, 2014 - 10:55 p.m.

CVE-2014-0543

2014-08-1222:55:02

CWE-264

[email protected]

web.nvd.nist.gov

190

cve-2014-0543

adobe flash player

memory address

discovery

bypass

aslr

security vulnerability

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

6.3 Medium

AI Score

Confidence

Low

0.017 Low

EPSS

Percentile

87.9%

JSON

Adobe Flash Player before 13.0.0.241 and 14.x before 14.0.0.176 on Windows and OS X and before 11.2.202.400 on Linux, Adobe AIR before 14.0.0.178 on Windows and OS X and before 14.0.0.179 on Android, Adobe AIR SDK before 14.0.0.178, and Adobe AIR SDK & Compiler before 14.0.0.178 do not properly restrict discovery of memory addresses, which allows attackers to bypass the ASLR protection mechanism via unspecified vectors, a different vulnerability than CVE-2014-0540, CVE-2014-0542, CVE-2014-0544, and CVE-2014-0545.

Affected configurations

NVD

Node

adobeflash_playerRange≤13.0.0.231

adobeflash_playerMatch13.0.0.182

adobeflash_playerMatch13.0.0.201

adobeflash_playerMatch13.0.0.206

adobeflash_playerMatch13.0.0.214

adobeflash_playerMatch13.0.0.223

adobeflash_playerMatch14.0.0.125

adobeflash_playerMatch14.0.0.145

AND

applemac_os_x

microsoftwindows

Node

adobeflash_playerRange≤11.2.202.394

adobeflash_playerMatch11.2.202.223

adobeflash_playerMatch11.2.202.228

adobeflash_playerMatch11.2.202.233

adobeflash_playerMatch11.2.202.235

adobeflash_playerMatch11.2.202.236

adobeflash_playerMatch11.2.202.238

adobeflash_playerMatch11.2.202.243

adobeflash_playerMatch11.2.202.251

adobeflash_playerMatch11.2.202.258

adobeflash_playerMatch11.2.202.261

adobeflash_playerMatch11.2.202.262

adobeflash_playerMatch11.2.202.270

adobeflash_playerMatch11.2.202.273

adobeflash_playerMatch11.2.202.275

adobeflash_playerMatch11.2.202.280

adobeflash_playerMatch11.2.202.285

adobeflash_playerMatch11.2.202.291

adobeflash_playerMatch11.2.202.297

adobeflash_playerMatch11.2.202.310

adobeflash_playerMatch11.2.202.332

adobeflash_playerMatch11.2.202.335

adobeflash_playerMatch11.2.202.336

adobeflash_playerMatch11.2.202.341

adobeflash_playerMatch11.2.202.346

adobeflash_playerMatch11.2.202.350

adobeflash_playerMatch11.2.202.356

adobeflash_playerMatch11.2.202.359

adobeflash_playerMatch11.2.202.378

AND

linuxlinux_kernel

Node

adobeadobe_air_sdkRange≤14.0.0.137

adobeadobe_air_sdkMatch13.0.0.83

adobeadobe_air_sdkMatch13.0.0.111

adobeadobe_air_sdkMatch14.0.0.110

Node

adobeadobe_airRange≤14.0.0.110

adobeadobe_airMatch13.0.0.83

adobeadobe_airMatch13.0.0.111

AND

applemac_os_x

microsoftwindows

Node

adobeadobe_airRange≤14.0.0.137

adobeadobe_airMatch13.0.0.83

adobeadobe_airMatch13.0.0.111

adobeadobe_airMatch14.0.0.110

AND

googleandroid

CPENameOperatorVersion
adobe:flash_playeradobe flash playerle13.0.0.231
adobe:flash_playeradobe flash playereq13.0.0.182
adobe:flash_playeradobe flash playereq13.0.0.201
adobe:flash_playeradobe flash playereq13.0.0.206
adobe:flash_playeradobe flash playereq13.0.0.214
adobe:flash_playeradobe flash playereq13.0.0.223
adobe:flash_playeradobe flash playereq14.0.0.125
adobe:flash_playeradobe flash playereq14.0.0.145

CPE	Name	Operator	Version
adobe:flash_player	adobe flash player	le	13.0.0.231
adobe:flash_player	adobe flash player	eq	13.0.0.182
adobe:flash_player	adobe flash player	eq	13.0.0.201
adobe:flash_player	adobe flash player	eq	13.0.0.206
adobe:flash_player	adobe flash player	eq	13.0.0.214
adobe:flash_player	adobe flash player	eq	13.0.0.223
adobe:flash_player	adobe flash player	eq	14.0.0.125
adobe:flash_player	adobe flash player	eq	14.0.0.145