CVE-2014-0492
10.0
Vector
AV:N/AC:L/Au:N/C:C/I:C/A:C
Exploitability: 10.0 / Impact: 10.0
Source: NVD
Description
Adobe Flash Player before 11.7.700.260 and 11.8.x and 11.9.x before 12.0.0.38 on Windows and Mac OS X and before 11.2.202.335 on Linux, Adobe AIR before 4.0.0.1390, Adobe AIR SDK before 4.0.0.1390, and Adobe AIR SDK & Compiler before 4.0.0.1390 allow attackers to defeat the ASLR protection mechanism by leveraging an "address leak."
Affected (6)
Products: Adobe: Flash Player, Adobe Air Sdk, Adobe Air
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| From 11.0 to 11.7.700.260 |
| Running on/with | Platform Versions |
|---|---|
Apple Mac Os X | All versions |
Microsoft Windows | All versions |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| Before 4.0.0.1390 |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| From 11.0 to 11.2.202.335 |
| Running on/with | Platform Versions |
|---|---|
Linux Linux Kernel | All versions |
Related CWEs
References (12)
Source: psirt@adobe.com
PatchVendor Advisory
Source: psirt@adobe.com
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Timeline
No history available yet.