← Back

CVE-2014-8442

nvd nist
Published: Nov 11, 2014Modified: May 6, 2026

JSON object

Loading...
7.5
Vector
AV:N/AC:L/Au:N/C:P/I:P/A:P
Exploitability: 10.0 / Impact: 6.4
Source: NVD

Description

Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow attackers to complete a transition from Low Integrity to Medium Integrity by leveraging incorrect permissions.

Affected (7)

Adobe
4 products
Flash Player
Air Sdk
Air
Air Sdk & Compiler
Configuration A
3 vulnerable · 2 platform
Vulnerable SoftwareAffected Versions
Adobe
Flash Player
From 13.0 to 13.0.0.252
Flash Player
From 14.0 to 14.0.0.179
Flash Player
From 15.0 to 15.0.0.223
Running on/withPlatform Versions
Apple
Mac Os X
All versions
Microsoft
Windows
All versions
Configuration B
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Flash Player
From 11.0 to 11.2.202.418
Running on/withPlatform Versions
Linux
Linux Kernel
All versions
Configuration C
1 vulnerable
Vulnerable SoftwareAffected Versions
Air Sdk
Up to 15.0.0.356
Configuration D
1 vulnerable
Vulnerable SoftwareAffected Versions
Air
Up to 15.0.0.356
Configuration E
1 vulnerable
Vulnerable SoftwareAffected Versions
Air Sdk & Compiler
Before 15.0.0.356

Related CWEs

CWE-264
CWE-264

References (8)

Source: psirt@adobe.com
PatchVendor Advisory
Source: psirt@adobe.com
Mailing ListThird Party Advisory
Source: psirt@adobe.com
Third Party AdvisoryVDB Entry
Source: psirt@adobe.com
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry

Timeline

No history available yet.