Lucene search
VUPENZDI-14-092HistoryApr 11, 2014 - 12:00 a.m.
(Pwn2Own) Adobe Flash ExternalInterface Use-After-Free Remote Code Execution Vulnerability
2014-04-1100:00:00
VUPEN
www.zerodayinitiative.com
13
0.334 Low
EPSS
Percentile
97.1%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of ExternalInterface. By manipulating a SWFβs objects an attacker can force a dangling pointer to be reused after it has been freed. An attacker can leverage this vulnerability to execute code under the context of the current process.
Related
cvelist
cvelist
CVE-2014-0506
2014-03-27 10:00:00
cve
cve
CVE-2014-0506
2014-03-27 10:55:04
prion
prion
Design/Logic Flaw
2014-03-27 10:55:00
securityvulns
securityvulns
checkpoint_advisories
checkpoint_advisories
Adobe Flash Player Use After Free Code Execution (APSB14-09; CVE-2014-0506)
2014-04-09 00:00:00
nvd
nvd
CVE-2014-0506
2014-03-27 10:55:04
seebug
seebug
Adobe Flash Playerδ»»ζ代η ζ§θ‘ζΌζ΄
2014-03-28 00:00:00
openvas
openvas
Adobe Flash Player Multiple Vulnerabilities - 01 (Apr 2014) - Windows
2014-04-01 00:00:00
SUSE: Security Advisory for flash-player (SUSE-SU-2014:0535-1)
2015-10-16 00:00:00
Mageia: Security Advisory (MGASA-2014-0169)
2022-01-28 00:00:00
nessus
nessus
openSUSE Security Update : flash-player (openSUSE-SU-2014:0549-1)
2014-06-13 00:00:00
SuSE 11.3 Security Update : flash-player (SAT Patch Number 9120)
2014-04-17 00:00:00
altlinux
altlinux
redhat
redhat
(RHSA-2014:0380) Critical: flash-plugin security update
2014-04-09 00:00:00
mageia
mageia
Updated flash-player-plugin package fixes multiple vulnerabilities
2014-04-09 19:40:40
suse
suse
Security update for flash-player (important)
2014-04-16 19:04:49
gentoo
gentoo
Adobe Flash Player: Multiple vulnerabilities
2014-05-03 00:00:00