Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
gentooGentoo FoundationGLSA-201402-06
HistoryFeb 06, 2014 - 12:00 a.m.

Adobe Flash Player: Multiple vulnerabilities

2014-02-0600:00:00
Gentoo Foundation
security.gentoo.org
25

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.974 High

EPSS

Percentile

99.9%

JSON

Background

The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites.

Description

Multiple unspecified vulnerabilities have been discovered in Adobe Flash Player. Please review the CVE identifiers referenced below for details.

Impact

A remote attacker could entice a user to open a specially crafted SWF file using Adobe Flash Player, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition.

Workaround

There is no known workaround at this time.

Resolution

All Adobe Flash Player users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose
 ">=www-plugins/adobe-flash-11.2.202.336"
OSVersionArchitecturePackageVersionFilename
Gentooanyallwww-plugins/adobe-flash< 11.2.202.336UNKNOWN

Related

openvas 30
nessus 39
redhat 4
ubuntucve 7
cve 7
suse 8
prion 7
mageia 4
freebsd 3
threatpost 7
checkpoint_advisories 7
packetstorm 2
zdt 3
seebug 6
hackerone 2
metasploit 2
zdi 2
symantec 1
thn 4
exploitdb 2
securityvulns 1
openvas
openvas
Gentoo Security Advisory GLSA 201402-06
2015-09-29 00:00:00
SuSE Update for flash-player openSUSE-SU-2013:1717-1 (flash-player)
2013-11-19 00:00:00
Adobe Flash Player Code Execution and DoS Vulnerabilities (Nov 2013) - Windows
2013-11-19 00:00:00
nessus
nessus
GLSA-201402-06 : Adobe Flash Player: Multiple vulnerabilities
2014-02-07 00:00:00
Adobe AIR for Mac <= 3.9.0.1030 Memory Corruptions (APSB13-26)
2013-11-13 00:00:00
Flash Player for Mac <= 11.7.700.242 / 11.9.900.117 Memory Corruptions (APSB13-26)
2013-11-13 00:00:00
redhat
redhat
(RHSA-2013:1518) Critical: flash-plugin security update
2013-11-13 00:00:00
(RHSA-2013:1818) Critical: flash-plugin security update
2013-12-11 00:00:00
(RHSA-2014:0028) Critical: flash-plugin security update
2014-01-15 00:00:00
ubuntucve
ubuntucve
CVE-2013-5329
2013-11-13 00:00:00
CVE-2013-5330
2013-11-13 00:00:00
CVE-2013-5331
2013-12-11 00:00:00
cve
cve
CVE-2013-5330
2013-11-13 01:55:00
CVE-2013-5329
2013-11-13 01:55:00
CVE-2013-5331
2013-12-11 15:55:00
suse
suse
flash-player to 11.2.202.327 (important)
2013-11-17 15:04:11
flash-player to 11.2.202.327 (important)
2013-11-21 12:04:14
Security update for flash-player (important)
2013-11-16 00:04:14
prion
prion
Memory corruption
2013-11-13 01:55:00
Memory corruption
2013-11-13 01:55:00
Type confusion
2013-12-11 15:55:00
mageia
mageia
Updated flash-player-plugin package fixes vulnerabilities
2013-12-13 02:24:23
Updated flash-player-plugin packages fix multiple security vulnerabilities
2013-11-18 18:44:16
Updated flash-player-plugin fixes security vulnerabilities
2014-01-25 01:05:53
freebsd
freebsd
linux-flashplugin -- multiple vulnerabilities
2013-11-12 00:00:00
linux-flashplugin -- multiple vulnerabilities
2014-01-14 00:00:00
linux-flashplugin -- multiple vulnerabilities
2014-02-04 00:00:00
threatpost
threatpost
Adobe Updates Security for Flash, Shockwave Players
2013-12-10 15:05:18
Emergency Adobe Flash Player Security Update Patches 0Day
2014-02-04 14:21:26
Kaspersky Provides Details on Latest Adobe Flash Zero Day
2014-02-05 11:05:57
checkpoint_advisories
checkpoint_advisories
Adobe Flash Player Memory Corruption (APSB13-26: CVE-2013-5329)
2013-12-29 00:00:00
Adobe Flash Player Type Confusion Arbitrary Code Execution (APSB13-28; CVE-2013-5331)
2014-01-14 00:00:00
Adobe Flash Player Memory Corruption (APSB13-26; CVE-2013-5330)
2014-02-17 00:00:00
packetstorm
packetstorm
Adobe Flash Player Type Confusion Remote Code Execution
2014-04-29 00:00:00
Adobe Flash Player Integer Underflow Remote Code Execution
2014-05-05 00:00:00
zdt
zdt
Adobe Flash Player Type Confusion Remote Code Execution Exploit
2014-04-29 00:00:00
Adobe Flash Player Integer Underflow Remote Code Execution Exploit
2014-05-06 00:00:00
Integer underflow in Adobe Flash Player Exploit
2014-05-08 00:00:00
seebug
seebug
Adobe Flash Player及AIR类型混淆远程代码执行漏洞(CVE-2013-5331)
2013-12-11 00:00:00
Adobe Flash Player Type Confusion Remote Code Execution
2014-07-01 00:00:00
Adobe Flash Player及AIR远程内存破坏漏洞(CVE-2013-5330)(apsb13-26)
2013-11-17 00:00:00
hackerone
hackerone
Internet Bug Bounty: Flash type confusion vulnerability leads to code execution
2013-12-10 00:00:00
Internet Bug Bounty: Handling of jar: URIs bypasses AllowScriptAccess=never
2014-01-14 00:00:00
metasploit
metasploit
Adobe Flash Player Type Confusion Remote Code Execution
2014-04-27 15:40:46
Adobe Flash Player Integer Underflow Remote Code Execution
2014-05-04 01:04:46
zdi
zdi
Adobe Flash Player Memory Corruption Remote Code Execution Vulnerability
2013-12-15 00:00:00
Adobe Flash Player Jump Opcode Information Leak Vulnerability
2014-02-05 00:00:00
symantec
symantec
Adobe Flash Player CVE-2014-0497 Remote Code Execution Vulnerability
2014-02-04 00:00:00
thn
thn
Adobe issues Emergency Flash Player update to patch critical zero-day threat
2014-02-05 04:13:00
Security updates for available for Adobe Flash Player and ColdFusion vulnerabilities
2013-11-13 05:22:00
Security updates for available for Adobe Flash Player and ColdFusion vulnerabilities
2013-11-13 16:22:00
exploitdb
exploitdb
Adobe Flash Player - Type Confusion Remote Code Execution (Metasploit)
2014-04-29 00:00:00
Adobe Flash Player - Integer Underflow Remote Code Execution (Metasploit)
2014-05-06 00:00:00
securityvulns
securityvulns
Adobe Flash Player multiple security vulnerabilities
2014-05-04 00:00:00

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.974 High

EPSS

Percentile

99.9%

JSON
Related for GLSA-201402-06
openvas30nessus39redhat4ubuntucve7cve7suse8prion7mageia4freebsd3threatpost7checkpoint_advisories7packetstorm2zdt3seebug6hackerone2metasploit2zdi2symantec1thn4exploitdb2securityvulns1