Lucene search

K

[email protected]NVD:CVE-2014-0569

HistoryOct 15, 2014 - 10:55 a.m.

CVE-2014-0569

2014-10-1510:55:06

CWE-190

[email protected]

web.nvd.nist.gov

4

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.7 High

AI Score

Confidence

Low

0.974 High

EPSS

Percentile

99.9%

Integer overflow in Adobe Flash Player before 13.0.0.250 and 14.x and 15.x before 15.0.0.189 on Windows and OS X and before 11.2.202.411 on Linux, Adobe AIR before 15.0.0.293, Adobe AIR SDK before 15.0.0.302, and Adobe AIR SDK & Compiler before 15.0.0.302 allows attackers to execute arbitrary code via unspecified vectors.

Affected configurations

NVD

Node

adobeflash_playerRange≤11.2.202.406

AND

linuxlinux_kernelMatch-

Node

adobeflash_playerRange≤13.0.0.244extended_support

AND

applemacosMatch-

OR

microsoftwindowsMatch-

Node

adobeflash_playerRange≤15.0.0.152chrome

AND

applemacosMatch-

OR

linuxlinux_kernelMatch-

OR

microsoftwindowsMatch-

Node

adobeflash_playerRange≤15.0.0.167internet_explorer_10

OR

adobeflash_playerRange≤15.0.0.167internet_explorer_11

AND

microsoftwindows_8Match-

OR

microsoftwindows_8.1Match-

Node

adobeflash_player_desktop_runtimeRange≤15.0.0.167

AND

applemacosMatch-

OR

microsoftwindowsMatch-

Node

adobeair_desktop_runtimeRange≤15.0.0.249

AND

applemacosMatch-

OR

microsoftwindowsMatch-

Node

adobeair_sdkRange≤15.0.0.249

AND

appleiphone_osMatch-

OR

applemacosMatch-

OR

microsoftwindowsMatch-

Node

adobeair_sdkRange≤15.0.0.252

AND

googleandroidMatch-

Node

opensuseevergreenMatch11.4

OR

opensuseopensuseMatch12.3

OR

opensuseopensuseMatch13.1

OR

suselinux_enterprise_desktopMatch11sp3

References

helpx.adobe.com/security/products/flash-player/apsb14-22.html

lists.opensuse.org/opensuse-security-announce/2014-11/msg00002.html

lists.opensuse.org/opensuse-security-announce/2015-04/msg00013.html

lists.opensuse.org/opensuse-updates/2014-10/msg00033.html

rhn.redhat.com/errata/RHSA-2014-1648.html

secunia.com/advisories/61980

www.securityfocus.com/bid/70441

www.securitytracker.com/id/1031019

www.zerodayinitiative.com/advisories/ZDI-14-365/

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.7 High

AI Score

Confidence

Low

0.974 High

EPSS

Percentile

99.9%

Related for NVD:CVE-2014-0569

seebug1 metasploit1 prion1 cve1 zdi1 ubuntucve1 checkpoint_advisories1 cvelist1 zdt1 symantec1 packetstorm1 threatpost5 exploitdb1 nessus13 suse3 openvas9 redhat1 mageia1 gentoo1