Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusTenable8382.PRM
HistorySep 10, 2014 - 12:00 a.m.

Flash Player < 14.0.0.180 (inferred) Multiple Vulnerabilities (APSB14-21)

2014-09-1000:00:00
Tenable
www.tenable.com
14

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.973 High

EPSS

Percentile

99.9%

JSON

Versions of Adobe Flash Player prior or equal to 14.0.0.179 are outdated and thus unpatched for the following vulnerabilities :

  • Unspecified memory corruption issues exist that allow arbitrary code execution (CVE-2014-0547, CVE-2014-0549, CVE-2014-0550, CVE-2014-0551, CVE-2014-0552, CVE-2014-0555).
  • An unspecified error exists that allows cross-origin policy violations (CVE-2014-0548).
  • A use-after-free error exists that allows arbitrary code execution (CVE-2014-0553).
  • An unspecified error exists that allows an unspecified security bypass (CVE-2014-0554).
  • Unspecified errors exist that allow memory leaks leading to easier defeat of memory address randomization (CVE-2014-0557).
  • Heap-based buffer overflow errors exist that allow arbitrary code execution (CVE-2014-0556, CVE-2014-0559).
Binary data 8382.prm
VendorProductVersionCPE
adobeflash_playercpe:/a:adobe:flash_player

Related

nessus 14
openvas 9
freebsd 1
redhat 1
mageia 1
suse 3
gentoo 1
cve 12
prion 12
cvelist 12
nvd 12
ubuntucve 12
checkpoint_advisories 12
canvas 1
packetstorm 2
zdt 2
hackerone 3
metasploit 1
googleprojectzero 6
exploitdb 1
threatpost 1
nessus
nessus
FreeBSD : Flash player -- Multiple security vulnerabilities in www/linux-*-flashplugin11 (ca44b64c-4453-11e4-9ea1-c485083ca99c)
2014-09-26 00:00:00
SuSE 11.3 Security Update : flash-player (SAT Patch Number 9704)
2014-09-14 00:00:00
Flash Player <= 14.0.0.179 Multiple Vulnerabilities (APSB14-21)
2014-09-10 00:00:00
openvas
openvas
Adobe AIR Multiple Vulnerabilities-01 (Sep 2014) - Windows
2014-09-12 00:00:00
openSUSE: Security Advisory for update (openSUSE-SU-2014:1130-1)
2014-09-16 00:00:00
SUSE: Security Advisory for flash-player (SUSE-SU-2014:1124-1)
2015-10-16 00:00:00
freebsd
freebsd
Flash player -- Multiple security vulnerabilities in www/linux-*-flashplugin11
2014-09-09 00:00:00
redhat
redhat
(RHSA-2014:1173) Critical: flash-plugin security update
2014-09-10 00:00:00
mageia
mageia
Updated flash-player-plugin packages fix multiple security vulnerabilities
2014-09-22 12:31:24
suse
suse
update flash-player to 11.2.202.40 (important)
2014-09-16 01:04:20
flash-player to 11.2.202.40 (important)
2014-09-10 17:04:13
Security update for flash-player (important)
2014-09-13 01:04:17
gentoo
gentoo
Adobe Flash Player: Multiple vulnerabilities
2014-09-19 00:00:00
cve
cve
CVE-2014-0549
2014-09-10 01:55:07
CVE-2014-0555
2014-09-10 01:55:08
CVE-2014-0547
2014-09-10 01:55:06
prion
prion
Memory corruption
2014-09-10 01:55:00
Memory corruption
2014-09-10 01:55:00
Memory corruption
2014-09-10 01:55:00
cvelist
cvelist
CVE-2014-0551
2014-09-10 01:00:00
CVE-2014-0547
2014-09-10 01:00:00
CVE-2014-0550
2014-09-10 01:00:00
nvd
nvd
CVE-2014-0552
2014-09-10 01:55:08
CVE-2014-0547
2014-09-10 01:55:06
CVE-2014-0551
2014-09-10 01:55:07
ubuntucve
ubuntucve
CVE-2014-0549
2014-09-10 00:00:00
CVE-2014-0555
2014-09-10 00:00:00
CVE-2014-0550
2014-09-10 00:00:00
checkpoint_advisories
checkpoint_advisories
Adobe Flash Player Same Origin Policy Bypass (APSB14-21: CVE-2014-0548)
2015-05-11 00:00:00
Adobe Flash Player Memory Corruption (APSB14-21: CVE-2014-0552)
2014-09-21 00:00:00
Adobe Flash Player and AIR String Concatenation Integer Overflow (CVE-2014-0550)
2014-10-14 00:00:00
canvas
canvas
Immunity Canvas: ADOBE_FLASH_COPYPIXELSTOBYTEARRAY
2014-09-10 01:55:00
packetstorm
packetstorm
Adobe Flash Player copyPixelsToByteArray Integer Overflow
2015-04-19 00:00:00
Adobe Flash 14.0.0.145 copyPixelsToByteArray() Heap Overflow
2014-09-30 00:00:00
zdt
zdt
Adobe Flash 14.0.0.145 copyPixelsToByteArray() Heap Overflow
2014-10-01 00:00:00
Adobe Flash Player copyPixelsToByteArray Integer Overflow Exploit
2015-04-19 00:00:00
hackerone
hackerone
Internet Bug Bounty: Flash Local Sandbox Bypass
2014-09-09 20:51:19
Internet Bug Bounty: Adobe Flash Player MP4 Use-After-Free Vulnerability
2014-10-08 02:03:48
Internet Bug Bounty: Adobe Flash Player Out-of-Bound Access Vulnerability
2015-02-07 14:50:18
metasploit
metasploit
Adobe Flash Player copyPixelsToByteArray Method Integer Overflow
2015-04-15 19:08:16
googleprojectzero
googleprojectzero
Exploiting CVE-2014-0556 in Flash
2014-09-23 00:00:00
The poisoned NUL byte, 2014 edition
2014-08-25 00:00:00
Significant Flash exploit mitigations are live in v18.0.0.209
2015-07-16 00:00:00
exploitdb
exploitdb
Adobe Flash Player - copyPixelsToByteArray Integer Overflow (Metasploit)
2015-04-21 00:00:00
threatpost
threatpost
Microsoft Warns of Crowti Ransomware
2014-10-29 14:20:49

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.973 High

EPSS

Percentile

99.9%

JSON
Related for 8382.PRM
nessus14openvas9freebsd1redhat1mageia1suse3gentoo1cve12prion12cvelist12nvd12ubuntucve12checkpoint_advisories12canvas1packetstorm2zdt2hackerone3metasploit1googleprojectzero6exploitdb1threatpost1