Lucene search

[email protected]NVD:CVE-2014-0533

HistoryJun 11, 2014 - 10:57 a.m.

CVE-2014-0533

2014-06-1110:57:17

CWE-79

[email protected]

web.nvd.nist.gov

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.5 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

70.3%

JSON

Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows and OS X and before 11.2.202.378 on Linux, Adobe AIR before 14.0.0.110, Adobe AIR SDK before 14.0.0.110, and Adobe AIR SDK & Compiler before 14.0.0.110 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2014-0531 and CVE-2014-0532.

Affected configurations

NVD

Node

adobeflash_playerRange≤13.0.0.214

adobeflash_playerMatch13.0.0.182

adobeflash_playerMatch13.0.0.201

adobeflash_playerMatch13.0.0.206

AND

applemac_os_x

microsoftwindows

Node

adobeadobe_air_sdkRange≤13.0.0.111

adobeadobe_air_sdkMatch13.0.0.83

Node

adobeflash_playerRange≤11.2.202.359

adobeflash_playerMatch11.2.202.223

adobeflash_playerMatch11.2.202.228

adobeflash_playerMatch11.2.202.233

adobeflash_playerMatch11.2.202.235

adobeflash_playerMatch11.2.202.236

adobeflash_playerMatch11.2.202.238

adobeflash_playerMatch11.2.202.243

adobeflash_playerMatch11.2.202.251

adobeflash_playerMatch11.2.202.258

adobeflash_playerMatch11.2.202.261

adobeflash_playerMatch11.2.202.262

adobeflash_playerMatch11.2.202.270

adobeflash_playerMatch11.2.202.273

adobeflash_playerMatch11.2.202.275

adobeflash_playerMatch11.2.202.280

adobeflash_playerMatch11.2.202.285

adobeflash_playerMatch11.2.202.291

adobeflash_playerMatch11.2.202.297

adobeflash_playerMatch11.2.202.310

adobeflash_playerMatch11.2.202.332

adobeflash_playerMatch11.2.202.335

adobeflash_playerMatch11.2.202.336

adobeflash_playerMatch11.2.202.341

adobeflash_playerMatch11.2.202.346

adobeflash_playerMatch11.2.202.350

adobeflash_playerMatch11.2.202.356

AND

linuxlinux_kernel

Node

adobeadobe_airRange≤13.0.0.111

adobeadobe_airMatch13.0.0.83

References

helpx.adobe.com/security/products/flash-player/apsb14-16.html

lists.opensuse.org/opensuse-security-announce/2014-06/msg00021.html

lists.opensuse.org/opensuse-updates/2014-06/msg00029.html

lists.opensuse.org/opensuse-updates/2014-06/msg00030.html

rhn.redhat.com/errata/RHSA-2014-0745.html

secunia.com/advisories/58390

secunia.com/advisories/58465

secunia.com/advisories/58585

secunia.com/advisories/59053

secunia.com/advisories/59304

security.gentoo.org/glsa/glsa-201406-17.xml

www.securityfocus.com/bid/67974

www.securitytracker.com/id/1030368

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.5 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

70.3%

JSON

Related for NVD:CVE-2014-0533

cve3 cvelist3 nvd2 ubuntucve3 prion3 nessus11 altlinux2 openvas8 mageia1 redhat1 suse1 gentoo1 kaspersky1 checkpoint_advisories3