CVE-2014-0507

Опубликовано: 08 апр. 2014

Источник: nvd

CVSS2: 9.3

EPSS Низкий

Уязвимость переполнения буфера в Adobe Flash Player и Adobe AIR, позволяющая выполнять произвольный код

Описание

Уязвимость переполнения буфера в Adobe Flash Player и Adobe AIR позволяет злоумышленникам выполнить произвольный код через неопределенные векторы.

Затронутые версии ПО

Adobe Flash Player версий до 11.7.700.275 и 11.8.x до 13.0.x на Windows и OS X
Adobe Flash Player версий до 11.2.202.350 на Linux
Adobe AIR версий до 13.0.0.83 на Android
Adobe AIR SDK до версии 13.0.0.83
Adobe AIR SDK & Compiler до версии 13.0.0.83

Тип уязвимости

Выполнение произвольного кода

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одновременно

Одно из

cpe:2.3:a:adobe:flash_player:11.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.0.1.152:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.0.1.153:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.1:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.1.102.55:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.1.102.59:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.1.102.62:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.1.102.63:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.1.111.8:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.1.111.44:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.1.111.50:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.1.111.54:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.1.115.7:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.1.115.34:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.1.115.48:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.1.115.54:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.1.115.58:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.2.202.223:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.2.202.228:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.2.202.233:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.2.202.235:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.2.202.236:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.2.202.238:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.2.202.243:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.2.202.251:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.2.202.258:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.2.202.261:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.2.202.262:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.2.202.270:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.2.202.273:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.2.202.275:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.2.202.280:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.2.202.285:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.3.300.257:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.3.300.262:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.3.300.265:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.3.300.268:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.3.300.270:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.3.300.271:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.3.300.273:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.4.402.265:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.4.402.278:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.4.402.287:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.5.502.110:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.5.502.135:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.5.502.136:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.5.502.146:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.5.502.149:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.6.602.167:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.6.602.168:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.6.602.171:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.6.602.180:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.7.700.169:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.7.700.202:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.7.700.224:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.7.700.232:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.7.700.242:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.7.700.252:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.7.700.257:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.7.700.260:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.8.800.94:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.8.800.97:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.8.800.168:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.9.900.117:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.9.900.152:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.9.900.170:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:12.0.0.38:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:12.0.0.41:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:12.0.0.43:*:*:*:*:*:*:*

Одно из

cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*

Конфигурация 2

Одновременно

Одно из

cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*

Версия до 11.2.202.346 (включая)

cpe:2.3:a:adobe:flash_player:11.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.0.1.152:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.0.1.153:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.1:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.1.102.55:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.1.102.59:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.1.102.62:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.1.102.63:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.1.111.8:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.1.111.44:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.1.111.50:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.1.111.54:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.1.115.7:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.1.115.34:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.1.115.48:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.1.115.54:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.1.115.58:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.2.202.223:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.2.202.228:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.2.202.233:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.2.202.235:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.2.202.236:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.2.202.238:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.2.202.243:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.2.202.251:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.2.202.258:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.2.202.261:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.2.202.262:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.2.202.270:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.2.202.273:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.2.202.275:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.2.202.280:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.2.202.285:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.2.202.291:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.2.202.297:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.2.202.310:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.2.202.327:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.2.202.332:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.2.202.335:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.2.202.336:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:11.2.202.341:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Конфигурация 3

Одно из

cpe:2.3:a:adobe:adobe_air_sdk:*:*:*:*:*:*:*:*

Версия до 4.0.0.1628 (включая)

cpe:2.3:a:adobe:adobe_air_sdk:3.0.0.4080:*:*:*:*:*:*:*

cpe:2.3:a:adobe:adobe_air_sdk:3.1.0.488:*:*:*:*:*:*:*

cpe:2.3:a:adobe:adobe_air_sdk:3.2.0.2070:*:*:*:*:*:*:*

cpe:2.3:a:adobe:adobe_air_sdk:3.3.0.3650:*:*:*:*:*:*:*

cpe:2.3:a:adobe:adobe_air_sdk:3.3.0.3690:*:*:*:*:*:*:*

cpe:2.3:a:adobe:adobe_air_sdk:3.4.0.2540:*:*:*:*:*:*:*

cpe:2.3:a:adobe:adobe_air_sdk:3.4.0.2710:*:*:*:*:*:*:*

cpe:2.3:a:adobe:adobe_air_sdk:3.5.0.600:*:*:*:*:*:*:*

cpe:2.3:a:adobe:adobe_air_sdk:3.5.0.880:*:*:*:*:*:*:*

cpe:2.3:a:adobe:adobe_air_sdk:3.5.0.890:*:*:*:*:*:*:*

cpe:2.3:a:adobe:adobe_air_sdk:3.5.0.1060:*:*:*:*:*:*:*

cpe:2.3:a:adobe:adobe_air_sdk:3.6.0.599:*:*:*:*:*:*:*

cpe:2.3:a:adobe:adobe_air_sdk:3.6.0.6090:*:*:*:*:*:*:*

cpe:2.3:a:adobe:adobe_air_sdk:3.7.0.1530:*:*:*:*:*:*:*

cpe:2.3:a:adobe:adobe_air_sdk:3.7.0.1860:*:*:*:*:*:*:*

cpe:2.3:a:adobe:adobe_air_sdk:3.7.0.2090:*:*:*:*:*:*:*

cpe:2.3:a:adobe:adobe_air_sdk:3.8.0.870:*:*:*:*:*:*:*

cpe:2.3:a:adobe:adobe_air_sdk:3.8.0.910:*:*:*:*:*:*:*

cpe:2.3:a:adobe:adobe_air_sdk:3.8.0.1430:*:*:*:*:*:*:*

cpe:2.3:a:adobe:adobe_air_sdk:3.9.0.1030:*:*:*:*:*:*:*

cpe:2.3:a:adobe:adobe_air_sdk:3.9.0.1210:*:*:*:*:*:*:*

cpe:2.3:a:adobe:adobe_air_sdk:3.9.0.1380:*:*:*:*:*:*:*

cpe:2.3:a:adobe:adobe_air_sdk:4.0.0.1390:*:*:*:*:*:*:*

Конфигурация 4

Одно из

cpe:2.3:a:adobe:adobe_air:*:*:*:*:*:*:*:*

Версия до 4.0.0.1390 (включая)

cpe:2.3:a:adobe:adobe_air:1.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:adobe_air:1.0.1:*:*:*:*:*:*:*

cpe:2.3:a:adobe:adobe_air:1.0.8.4990:*:*:*:*:*:*:*

cpe:2.3:a:adobe:adobe_air:1.0.4990:*:*:*:*:*:*:*

cpe:2.3:a:adobe:adobe_air:1.1:*:*:*:*:*:*:*

cpe:2.3:a:adobe:adobe_air:1.1.0.5790:*:*:*:*:*:*:*

cpe:2.3:a:adobe:adobe_air:1.5:*:*:*:*:*:*:*

cpe:2.3:a:adobe:adobe_air:1.5.0.7220:*:*:*:*:*:*:*

cpe:2.3:a:adobe:adobe_air:1.5.1:*:*:*:*:*:*:*

cpe:2.3:a:adobe:adobe_air:1.5.1.8210:*:*:*:*:*:*:*

cpe:2.3:a:adobe:adobe_air:1.5.2:*:*:*:*:*:*:*

cpe:2.3:a:adobe:adobe_air:1.5.3:*:*:*:*:*:*:*

cpe:2.3:a:adobe:adobe_air:1.5.3.9120:*:*:*:*:*:*:*

cpe:2.3:a:adobe:adobe_air:1.5.3.9130:*:*:*:*:*:*:*

cpe:2.3:a:adobe:adobe_air:2.0.2:*:*:*:*:*:*:*

cpe:2.3:a:adobe:adobe_air:2.0.2.12610:*:*:*:*:*:*:*

cpe:2.3:a:adobe:adobe_air:2.0.3:*:*:*:*:*:*:*

cpe:2.3:a:adobe:adobe_air:2.0.3.13070:*:*:*:*:*:*:*

cpe:2.3:a:adobe:adobe_air:2.0.4:*:*:*:*:*:*:*

cpe:2.3:a:adobe:adobe_air:2.5.0.16600:*:*:*:*:*:*:*

cpe:2.3:a:adobe:adobe_air:2.5.1.17730:*:*:*:*:*:*:*

cpe:2.3:a:adobe:adobe_air:2.6:*:*:*:*:*:*:*

cpe:2.3:a:adobe:adobe_air:2.6.0.19120:*:*:*:*:*:*:*

cpe:2.3:a:adobe:adobe_air:2.6.0.19140:*:*:*:*:*:*:*

cpe:2.3:a:adobe:adobe_air:2.7:*:*:*:*:*:*:*

cpe:2.3:a:adobe:adobe_air:2.7.0.1948:*:*:*:*:*:*:*

cpe:2.3:a:adobe:adobe_air:2.7.0.1953:*:*:*:*:*:*:*

cpe:2.3:a:adobe:adobe_air:2.7.0.19480:*:*:*:*:*:*:*

cpe:2.3:a:adobe:adobe_air:2.7.0.19530:*:*:*:*:*:*:*

cpe:2.3:a:adobe:adobe_air:2.7.1:*:*:*:*:*:*:*

cpe:2.3:a:adobe:adobe_air:2.7.1.19610:*:*:*:*:*:*:*

cpe:2.3:a:adobe:adobe_air:3.0.0.408:*:*:*:*:*:*:*

cpe:2.3:a:adobe:adobe_air:3.0.0.4080:*:*:*:*:*:*:*

cpe:2.3:a:adobe:adobe_air:3.1.0.485:*:*:*:*:*:*:*

cpe:2.3:a:adobe:adobe_air:3.1.0.488:*:*:*:*:*:*:*

cpe:2.3:a:adobe:adobe_air:3.1.0.4880:*:*:*:*:*:*:*

cpe:2.3:a:adobe:adobe_air:3.2.0.207:*:*:*:*:*:*:*

cpe:2.3:a:adobe:adobe_air:3.2.0.2070:*:*:*:*:*:*:*

cpe:2.3:a:adobe:adobe_air:3.3.0.3670:*:*:*:*:*:*:*

cpe:2.3:a:adobe:adobe_air:3.4.0.2540:*:*:*:*:*:*:*

cpe:2.3:a:adobe:adobe_air:3.4.0.2710:*:*:*:*:*:*:*

cpe:2.3:a:adobe:adobe_air:3.5.0.600:*:*:*:*:*:*:*

cpe:2.3:a:adobe:adobe_air:3.5.0.880:*:*:*:*:*:*:*

cpe:2.3:a:adobe:adobe_air:3.5.0.890:*:*:*:*:*:*:*

cpe:2.3:a:adobe:adobe_air:3.5.0.1060:*:*:*:*:*:*:*

cpe:2.3:a:adobe:adobe_air:3.6.0.597:*:*:*:*:*:*:*

cpe:2.3:a:adobe:adobe_air:3.6.0.6090:*:*:*:*:*:*:*

cpe:2.3:a:adobe:adobe_air:3.7.0.1530:*:*:*:*:*:*:*

cpe:2.3:a:adobe:adobe_air:3.7.0.1860:*:*:*:*:*:*:*

cpe:2.3:a:adobe:adobe_air:3.7.0.2090:*:*:*:*:*:*:*

cpe:2.3:a:adobe:adobe_air:3.8.0.870:*:*:*:*:*:*:*

cpe:2.3:a:adobe:adobe_air:3.8.0.910:*:*:*:*:*:*:*

cpe:2.3:a:adobe:adobe_air:3.9.0.1030:*:*:*:*:*:*:*

cpe:2.3:a:adobe:adobe_air:3.9.0.1060:*:*:*:*:*:*:*

cpe:2.3:a:adobe:adobe_air:3.9.0.1210:*:*:*:*:*:*:*

cpe:2.3:a:adobe:adobe_air:3.9.0.1380:*:*:*:*:*:*:*

EPSS

Процентиль: 88%

0.03976

Низкий

9.3 Critical

CVSS2

Дефекты

CWE-119

Связанные уязвимости

CVE-2014-0507

ubuntu

почти 12 лет назад

Buffer overflow in Adobe Flash Player before 11.7.700.275 and 11.8.x through 13.0.x before 13.0.0.182 on Windows and OS X and before 11.2.202.350 on Linux, Adobe AIR before 13.0.0.83 on Android, Adobe AIR SDK before 13.0.0.83, and Adobe AIR SDK & Compiler before 13.0.0.83 allows attackers to execute arbitrary code via unspecified vectors.

CVE-2014-0507

redhat

почти 12 лет назад

GHSA-3c5p-wmcv-3jvc

github

больше 3 лет назад

SUSE-SU-2015:1137-1

suse-cvrf

около 11 лет назад

Security update for flash-player

SUSE-SU-2015:1064-1

suse-cvrf

около 11 лет назад

Security update for flash-player

EPSS

Процентиль: 88%

0.03976

Низкий

9.3 Critical

CVSS2

Дефекты

CWE-119