Lucene search

[email protected]CVE-2014-0569

HistoryOct 15, 2014 - 10:55 a.m.

CVE-2014-0569

2014-10-1510:55:06

CWE-190

[email protected]

web.nvd.nist.gov

cve-2014-0569

adobe flash player

integer overflow

arbitrary code execution

nvd

security vulnerability

7.6 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.974 High

EPSS

Percentile

99.9%

JSON

Integer overflow in Adobe Flash Player before 13.0.0.250 and 14.x and 15.x before 15.0.0.189 on Windows and OS X and before 11.2.202.411 on Linux, Adobe AIR before 15.0.0.293, Adobe AIR SDK before 15.0.0.302, and Adobe AIR SDK & Compiler before 15.0.0.302 allows attackers to execute arbitrary code via unspecified vectors.

Affected configurations

NVD

Node

adobeflash_playerRange≤11.2.202.406

AND

linuxlinux_kernelMatch-

Node

adobeflash_playerRange≤13.0.0.244extended_support

AND

applemacosMatch-

microsoftwindowsMatch-

Node

adobeflash_playerRange≤15.0.0.152chrome

AND

applemacosMatch-

linuxlinux_kernelMatch-

microsoftwindowsMatch-

Node

adobeflash_playerRange≤15.0.0.167internet_explorer_10

adobeflash_playerRange≤15.0.0.167internet_explorer_11

AND

microsoftwindows_8Match-

microsoftwindows_8.1Match-

Node

adobeflash_player_desktop_runtimeRange≤15.0.0.167

AND

applemacosMatch-

microsoftwindowsMatch-

Node

adobeair_desktop_runtimeRange≤15.0.0.249

AND

applemacosMatch-

microsoftwindowsMatch-

Node

adobeair_sdkRange≤15.0.0.249

AND

appleiphone_osMatch-

applemacosMatch-

microsoftwindowsMatch-

Node

adobeair_sdkRange≤15.0.0.252

AND

googleandroidMatch-

Node

opensuseevergreenMatch11.4

opensuseopensuseMatch12.3

opensuseopensuseMatch13.1

suselinux_enterprise_desktopMatch11sp3

CPENameOperatorVersion
adobe:flash_playeradobe flash playerle11.2.202.406

CPE	Name	Operator	Version
adobe:flash_player	adobe flash player	le	11.2.202.406

References

helpx.adobe.com/security/products/flash-player/apsb14-22.html

lists.opensuse.org/opensuse-security-announce/2014-11/msg00002.html

lists.opensuse.org/opensuse-security-announce/2015-04/msg00013.html

lists.opensuse.org/opensuse-updates/2014-10/msg00033.html

rhn.redhat.com/errata/RHSA-2014-1648.html

secunia.com/advisories/61980

www.securityfocus.com/bid/70441

www.securitytracker.com/id/1031019

www.zerodayinitiative.com/advisories/ZDI-14-365/

7.6 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.974 High

EPSS

Percentile

99.9%

JSON

Related for CVE-2014-0569

prion1 metasploit1 seebug1 checkpoint_advisories1 ubuntucve1 zdi1 nvd1 cvelist1 zdt1 threatpost5 packetstorm1 symantec1 exploitdb1 redhat1 suse3 nessus13 openvas9 gentoo1 mageia1