Lucene search

[email protected]CVE-2014-0583

HistoryNov 11, 2014 - 11:55 p.m.

CVE-2014-0583

2014-11-1123:55:02

CWE-119

[email protected]

web.nvd.nist.gov

cve

2014

0583

adobe flash player

buffer overflow

security vulnerability

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.9 Medium

AI Score

Confidence

Low

0.008 Low

EPSS

Percentile

82.0%

JSON

Heap-based buffer overflow in Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allows attackers to complete a transition from Low Integrity to Medium Integrity via unspecified vectors.

Affected configurations

NVD

Node

adobeflash_playerRange13.0–13.0.0.252

adobeflash_playerRange14.0–14.0.0.179

adobeflash_playerRange15.0–15.0.0.223

AND

applemac_os_x

microsoftwindows

Node

adobeflash_playerRange11.0–11.2.202.418

AND

linuxlinux_kernel

Node

adobeair_sdkRange≤15.0.0.356

Node

adobeairRange≤15.0.0.356

Node

adobeair_sdk_\&_compilerRange<15.0.0.356

CPENameOperatorVersion
adobe:flash_playeradobe flash playerlt13.0.0.252
adobe:flash_playeradobe flash playerle14.0.0.179
adobe:flash_playeradobe flash playerlt15.0.0.223