Lucene search
HistoryOct 15, 2014 - 10:55 a.m.
CVE-2014-0558
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
7.7
Confidence
Low
EPSS
0.037
Percentile
91.9%
Adobe Flash Player before 13.0.0.250 and 14.x and 15.x before 15.0.0.189 on Windows and OS X and before 11.2.202.411 on Linux, Adobe AIR before 15.0.0.293, Adobe AIR SDK before 15.0.0.302, and Adobe AIR SDK & Compiler before 15.0.0.302 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0564.
Affected configurations
Node
adobeflash_playerRange≤13.0.0.244
ORadobeflash_playerMatch13.0.0.182
ORadobeflash_playerMatch13.0.0.201
ORadobeflash_playerMatch13.0.0.206
ORadobeflash_playerMatch13.0.0.214
ORadobeflash_playerMatch13.0.0.223
ORadobeflash_playerMatch13.0.0.231
ORadobeflash_playerMatch13.0.0.241
ORadobeflash_playerMatch14.0.0.125
ORadobeflash_playerMatch14.0.0.145
ORadobeflash_playerMatch14.0.0.176
ORadobeflash_playerMatch14.0.0.179
ORadobeflash_playerMatch15.0.0.144
ORadobeflash_playerMatch15.0.0.152
applemac_os_x
ORmicrosoftwindows
Node
adobeadobe_airRange≤15.0.0.252
ORadobeadobe_airMatch13.0.0.83
ORadobeadobe_airMatch13.0.0.111
ORadobeadobe_airMatch14.0.0.110
ORadobeadobe_airMatch14.0.0.137
ORadobeadobe_airMatch14.0.0.179
Node
adobeadobe_airRange≤15.0.0.249
ORadobeadobe_airMatch13.0.0.83
ORadobeadobe_airMatch13.0.0.111
ORadobeadobe_airMatch14.0.0.110
ORadobeadobe_airMatch14.0.0.137
ORadobeadobe_airMatch14.0.0.178
Node
adobeflash_playerRange≤11.2.202.406
ORadobeflash_playerMatch11.2.202.223
ORadobeflash_playerMatch11.2.202.228
ORadobeflash_playerMatch11.2.202.233
ORadobeflash_playerMatch11.2.202.235
ORadobeflash_playerMatch11.2.202.236
ORadobeflash_playerMatch11.2.202.238
ORadobeflash_playerMatch11.2.202.243
ORadobeflash_playerMatch11.2.202.251
ORadobeflash_playerMatch11.2.202.258
ORadobeflash_playerMatch11.2.202.261
ORadobeflash_playerMatch11.2.202.262
ORadobeflash_playerMatch11.2.202.270
ORadobeflash_playerMatch11.2.202.273
ORadobeflash_playerMatch11.2.202.275
ORadobeflash_playerMatch11.2.202.280
ORadobeflash_playerMatch11.2.202.285
ORadobeflash_playerMatch11.2.202.291
ORadobeflash_playerMatch11.2.202.297
ORadobeflash_playerMatch11.2.202.310
ORadobeflash_playerMatch11.2.202.332
ORadobeflash_playerMatch11.2.202.335
ORadobeflash_playerMatch11.2.202.336
ORadobeflash_playerMatch11.2.202.341
ORadobeflash_playerMatch11.2.202.346
ORadobeflash_playerMatch11.2.202.350
ORadobeflash_playerMatch11.2.202.356
ORadobeflash_playerMatch11.2.202.359
ORadobeflash_playerMatch11.2.202.378
ORadobeflash_playerMatch11.2.202.394
ORadobeflash_playerMatch11.2.202.400
linuxlinux_kernel
Node
adobeadobe_air_sdkRange≤15.0.0.249
ORadobeadobe_air_sdkMatch13.0.0.83
ORadobeadobe_air_sdkMatch13.0.0.111
ORadobeadobe_air_sdkMatch14.0.0.110
ORadobeadobe_air_sdkMatch14.0.0.137
ORadobeadobe_air_sdkMatch14.0.0.178
| Vendor | Product | Version | CPE |
|---|---|---|---|
| adobe | flash_player | * | cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:* |
| adobe | flash_player | 13.0.0.182 | cpe:2.3:a:adobe:flash_player:13.0.0.182:*:*:*:*:*:*:* |
| adobe | flash_player | 13.0.0.201 | cpe:2.3:a:adobe:flash_player:13.0.0.201:*:*:*:*:*:*:* |
| adobe | flash_player | 13.0.0.206 | cpe:2.3:a:adobe:flash_player:13.0.0.206:*:*:*:*:*:*:* |
| adobe | flash_player | 13.0.0.214 | cpe:2.3:a:adobe:flash_player:13.0.0.214:*:*:*:*:*:*:* |
| adobe | flash_player | 13.0.0.223 | cpe:2.3:a:adobe:flash_player:13.0.0.223:*:*:*:*:*:*:* |
| adobe | flash_player | 13.0.0.231 | cpe:2.3:a:adobe:flash_player:13.0.0.231:*:*:*:*:*:*:* |
| adobe | flash_player | 13.0.0.241 | cpe:2.3:a:adobe:flash_player:13.0.0.241:*:*:*:*:*:*:* |
| adobe | flash_player | 14.0.0.125 | cpe:2.3:a:adobe:flash_player:14.0.0.125:*:*:*:*:*:*:* |
| adobe | flash_player | 14.0.0.145 | cpe:2.3:a:adobe:flash_player:14.0.0.145:*:*:*:*:*:*:* |
References
helpx.adobe.com/security/products/flash-player/apsb14-22.html
lists.opensuse.org/opensuse-security-announce/2014-11/msg00002.html
lists.opensuse.org/opensuse-security-announce/2015-04/msg00013.html
lists.opensuse.org/opensuse-updates/2014-10/msg00033.html
rhn.redhat.com/errata/RHSA-2014-1648.html
secunia.com/advisories/61980
www.securitytracker.com/id/1031019
Related
prion
prion
Memory corruption
2014-10-15 10:55:00
Memory corruption
2014-10-15 10:55:00
ubuntucve
ubuntucve
CVE-2014-0564
2014-10-15 00:00:00
CVE-2014-0558
2014-10-15 00:00:00
cve
cve
CVE-2014-0564
2014-10-15 10:55:06
CVE-2014-0558
2014-10-15 10:55:06
cvelist
cvelist
CVE-2014-0558
2014-10-15 10:00:00
CVE-2014-0564
2014-10-15 10:00:00
nvd
nvd
CVE-2014-0564
2014-10-15 10:55:06
nessus
nessus
SuSE 11.3 Security Update : flash-player (SAT Patch Number 9898)
2014-11-06 00:00:00
openSUSE Security Update : flash-player (openSUSE-SU-2014:1329-1)
2014-10-29 00:00:00
RHEL 5 / 6 : flash-plugin (RHSA-2014:1648)
2014-10-16 00:00:00
suse
suse
Security update for flash-player (important)
2014-11-13 17:05:02
Security update for flash-player (important)
2014-11-05 19:04:50
Security update for Adobe Flash Player (important)
2015-04-16 13:04:48
redhat
redhat
(RHSA-2014:1648) Critical: flash-plugin security update
2014-10-15 00:00:00
openvas
openvas
SUSE: Security Advisory for flash-player (SUSE-SU-2014:1360-1)
2015-10-15 00:00:00
SUSE: Security Advisory for flash-player (SUSE-SU-2014:1423-1)
2015-10-16 00:00:00
Adobe AIR Multiple Vulnerabilities (APSB14-22) - Windows
2014-10-20 00:00:00
checkpoint_advisories
checkpoint_advisories
Adobe Flash Player Memory Corruption (APSB14-22: CVE-2014-0558)
2014-10-22 00:00:00
Adobe Flash Player Memory Corruption (APSB14-22: CVE-2014-0564)
2014-10-21 00:00:00
hackerone
hackerone
threatpost
threatpost
Fixes for IE, Flash Player in October Patch Tuesday Release
2014-10-14 15:02:06
gentoo
gentoo
Adobe Flash Player: Multiple vulnerabilities
2014-11-21 00:00:00
mageia
mageia
Updated flash-player-plugin packages fix multiple security vulnerabilities
2014-11-14 04:27:45
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
7.7
Confidence
Low
EPSS
0.037
Percentile
91.9%
Related for NVD:CVE-2014-0558