Lucene search
Tenable8327.PRMHistoryJul 08, 2014 - 12:00 a.m.
Adobe AIR < 14.0.0.137 Multiple Vulnerabilities (APSB14-17)
2014-07-0800:00:00
Tenable
www.tenable.com
11
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.024 Low
EPSS
Percentile
89.9%
Versions of Adobe AIR earlier than 14.0.0.137 are affected by the following vulnerabilities :
- A flaw exists as data from JSONP callback APIs is insufficiently validated. With specially crafted SWF file content passed as a JSONP callback and then reflected by a vulnerable JSONP endpoint on a site, a context-dependent attacker can perform a Cross-Site Request Forgery (CSRF / XSRF) attack, causing the victim to perform various actions supported by the affected site. (CVE-2014-4671, CVE-2014-5333)
- Multiple unspecified errors exist that could allow unspecified security bypass attacks. (CVE-2014-0537, CVE-2014-0539)
Binary data 8327.prmRelated
redhat
redhat
(RHSA-2014:0860) Critical: flash-plugin security update
2014-07-09 00:00:00
(RHSA-2014:1051) Critical: flash-plugin security update
2014-08-13 00:00:00
suse
suse
flash-player (critical)
2014-07-17 09:04:16
flash-player (critical)
2014-07-16 12:04:13
Security update for flash-player (critical)
2014-07-15 07:04:19
kaspersky
kaspersky
KLA10036 Multiple vulnerabilities in Adobe Flash and Adobe AIR
2014-07-08 00:00:00
openvas
openvas
Adobe Flash Player Multiple Vulnerabilities-01 (Jul 2014) - Windows
2014-07-11 00:00:00
Mageia: Security Advisory (MGASA-2014-0291)
2022-01-28 00:00:00
Adobe Flash Player Multiple Vulnerabilities-01 (Jul 2014) - Linux
2014-07-11 00:00:00
nessus
nessus
SuSE 11.3 Security Update : flash-player (SAT Patch Number 9508)
2014-07-15 00:00:00
MS KB2974008: Update for Vulnerabilities in Adobe Flash Player in Internet Explorer
2014-07-08 00:00:00
openSUSE Security Update : flash-player (openSUSE-SU-2014:0903-1)
2014-07-17 00:00:00
altlinux
altlinux
gentoo
gentoo
Adobe Flash Player: Multiple vulnerabilities
2014-07-09 00:00:00
mageia
mageia
Updated flash-player-plugin packages fix multiple vulnerabilities
2014-07-10 03:21:32
Updated flash-player-plugin package fixes security vulnerability
2015-06-24 08:58:28
nvd
nvd
ubuntucve
ubuntucve
cvelist
cvelist
cve
cve
prion
prion
Design/Logic Flaw
2014-07-09 05:04:00
Design/Logic Flaw
2014-07-09 05:04:00
Cross site request forgery (csrf)
2014-08-19 11:16:00
osv
osv
Rosetta-Flash JSONP Vulnerability in hapi
2020-08-31 22:45:35
github
github
Rosetta-Flash JSONP Vulnerability in hapi
2020-08-31 22:45:35
checkpoint_advisories
checkpoint_advisories
Adobe Flash Player and AIR Security Bypass (APSB14-17; CVE-2014-0537)
2014-08-12 00:00:00
Adobe Flash Player and AIR Security Bypass (APSB14-17: CVE-2014-0539)
2014-07-24 00:00:00
nodejs
nodejs
Rosetta-Flash JSONP Vulnerability
2015-10-17 19:41:46
threatpost
threatpost
June 2015 Adobe Flash Player Security Update
2015-06-09 11:39:01
symfony
symfony
Security releases (CVE-2014-4931): Symfony 2.3.18, 2.4.8, and 2.5.2 released
2014-07-15 00:00:00
freebsd
freebsd
Adobe Flash Player -- critical vulnerabilities
2015-06-09 00:00:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.024 Low
EPSS
Percentile
89.9%
Related for 8327.PRM