CVE-2014-0580

2014-12-1021:59:00

CWE-264

[email protected]

web.nvd.nist.gov

adobe flash player

cve-2014-0580

same origin policy

remote attack

security vulnerability

os x

windows

linux

nvd

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

6.6 Medium

AI Score

Confidence

Low

0.006 Low

EPSS

Percentile

79.3%

JSON

Adobe Flash Player before 13.0.0.259 and 14.x through 16.x before 16.0.0.235 on Windows and OS X and before 11.2.202.425 on Linux allows remote attackers to bypass the Same Origin Policy via unspecified vectors.

Affected configurations

NVD

Node

adobeflash_playerRange13–13.0.0.259

adobeflash_playerRange14–14.0.0.179

adobeflash_playerRange16–16.0.0.235

AND

applemac_os_x

microsoftwindows

Node

adobeflash_playerRange11.2–11.2.202.425

AND

linuxlinux_kernel

CPENameOperatorVersion
adobe:flash_playeradobe flash playerlt13.0.0.259
adobe:flash_playeradobe flash playerle14.0.0.179
adobe:flash_playeradobe flash playerlt16.0.0.235