CVE-2014-0536

Published: Jun 11, 2014Modified: May 6, 2026

10.0

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability: 10.0 / Impact: 10.0

Source: NVD

Description

Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows and OS X and before 11.2.202.378 on Linux, Adobe AIR before 14.0.0.110, Adobe AIR SDK before 14.0.0.110, and Adobe AIR SDK & Compiler before 14.0.0.110 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

Affected (9)

Products: Adobe: Flash Player, Adobe Air Sdk, Adobe Air

3 products

Configuration A

1 vulnerable · 27 platform

Vulnerable Software	Affected Versions
Adobe Flash Player	Up to 11.2.202.359

Running on/with	Platform Versions
Adobe Flash Player	Version 11.2.202.223
Adobe Flash Player	Version 11.2.202.228
Adobe Flash Player	Version 11.2.202.233
Adobe Flash Player	Version 11.2.202.235
Adobe Flash Player	Version 11.2.202.236
Adobe Flash Player	Version 11.2.202.238
Adobe Flash Player	Version 11.2.202.243
Adobe Flash Player	Version 11.2.202.251
Adobe Flash Player	Version 11.2.202.258
Adobe Flash Player	Version 11.2.202.261
Adobe Flash Player	Version 11.2.202.262
Adobe Flash Player	Version 11.2.202.270
Adobe Flash Player	Version 11.2.202.273
Adobe Flash Player	Version 11.2.202.275
Adobe Flash Player	Version 11.2.202.280
Adobe Flash Player	Version 11.2.202.285
Adobe Flash Player	Version 11.2.202.291
Adobe Flash Player	Version 11.2.202.297
Adobe Flash Player	Version 11.2.202.310
Adobe Flash Player	Version 11.2.202.332
Adobe Flash Player	Version 11.2.202.335
Adobe Flash Player	Version 11.2.202.336
Adobe Flash Player	Version 11.2.202.341
Adobe Flash Player	Version 11.2.202.346
Adobe Flash Player	Version 11.2.202.350
Adobe Flash Player	Version 11.2.202.356
Linux Linux Kernel	All versions

Configuration B

4 vulnerable · 2 platform

Vulnerable Software	Affected Versions
Adobe Flash Player	Up to 13.0.0.214
Adobe Flash Player	Version 13.0.0.182
Adobe Flash Player	Version 13.0.0.201
Adobe Flash Player	Version 13.0.0.206

Running on/with	Platform Versions
Apple Mac Os X	All versions
Microsoft Windows	All versions

Configuration C

2 vulnerable

Vulnerable Software	Affected Versions
Adobe Adobe Air Sdk	Up to 13.0.0.111
Adobe Adobe Air Sdk	Version 13.0.0.83

Configuration D

2 vulnerable

Vulnerable Software	Affected Versions
Adobe Adobe Air	Up to 13.0.0.111
Adobe Adobe Air	Version 13.0.0.83

Related CWEs

Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

References (26)

http://helpx.adobe.com/security/products/flash-player/apsb14-16.html

Source: psirt@adobe.com

PatchVendor Advisory

http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00021.html

Source: psirt@adobe.com

http://lists.opensuse.org/opensuse-updates/2014-06/msg00029.html

Source: psirt@adobe.com

http://lists.opensuse.org/opensuse-updates/2014-06/msg00030.html

Source: psirt@adobe.com

http://rhn.redhat.com/errata/RHSA-2014-0745.html

Source: psirt@adobe.com

http://secunia.com/advisories/58390

Source: psirt@adobe.com

http://secunia.com/advisories/58465

Source: psirt@adobe.com

http://secunia.com/advisories/58585

Source: psirt@adobe.com

http://secunia.com/advisories/59053

Source: psirt@adobe.com

http://secunia.com/advisories/59304

Source: psirt@adobe.com

http://security.gentoo.org/glsa/glsa-201406-17.xml

Source: psirt@adobe.com

http://www.securityfocus.com/bid/67961

Source: psirt@adobe.com

http://www.securitytracker.com/id/1030368

Source: psirt@adobe.com

http://helpx.adobe.com/security/products/flash-player/apsb14-16.html

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00021.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.opensuse.org/opensuse-updates/2014-06/msg00029.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.opensuse.org/opensuse-updates/2014-06/msg00030.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://rhn.redhat.com/errata/RHSA-2014-0745.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/58390

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/58465

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/58585

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/59053

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/59304

Source: af854a3a-2127-422b-91ae-364da2661108

http://security.gentoo.org/glsa/glsa-201406-17.xml

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/67961

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securitytracker.com/id/1030368

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.