Adobe Flash Player / AIR Multiple Vulnerabilities
Last Update Date:
12 Nov 2014 17:49
Release Date:
12 Nov 2014
3168
Views
RISK: High Risk
TYPE: Clients - Audio & Video
Multiple vulnerabilities have been identified in Adobe Flash Player and Adobe AIR, which can be exploited by malicious people to disclose potentially sensitive information, bypass certain security restrictions, arbitrary code execution, and compromise a user's system.
Several unspecified errors can also cause memory corruption, heap-based buffer overflow.
Impact
- Remote Code Execution
- Security Restriction Bypass
- Information Disclosure
System / Technologies affected
- Adobe Flash Player versions 15.0.0.189 and prior.
- Adobe Flash Player Extended Support Release versions 13.0.0.250 and prior.
- Adobe Flash Player for Linux versions 11.2.202.411 and prior.
- Adobe AIR Desktop Runtime and Adobe AIR for Android versions 15.0.0.293 and prior.
- IR SDK and AIR SDK & Compiler versions 15.0.0.302 and prior.
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- Upgrade to a fixed version.
http://helpx.adobe.com/security/products/flash-player/apsb14-24.html
Vulnerability Identifier
- CVE-2014-0573
- CVE-2014-0574
- CVE-2014-0576
- CVE-2014-0577
- CVE-2014-0581
- CVE-2014-0582
- CVE-2014-0583
- CVE-2014-0584
- CVE-2014-0585
- CVE-2014-0586
- CVE-2014-0588
- CVE-2014-0589
- CVE-2014-0590
- CVE-2014-8437
- CVE-2014-8438
- CVE-2014-8440
- CVE-2014-8441
- CVE-2014-8442
Source
Related Link
Share with