10
CVE-2014-0558
- EPSS 5.07%
- Veröffentlicht 15.10.2014 10:55:06
- Zuletzt bearbeitet 06.05.2026 22:30:45
- Quelle psirt@adobe.com
- CVE-Watchlists
- Unerledigt
Adobe Flash Player before 13.0.0.250 and 14.x and 15.x before 15.0.0.189 on Windows and OS X and before 11.2.202.411 on Linux, Adobe AIR before 15.0.0.293, Adobe AIR SDK before 15.0.0.302, and Adobe AIR SDK & Compiler before 15.0.0.302 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0564.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Adobe ≫ Flash Player Version <= 11.2.202.406
Adobe ≫ Flash Player Version11.2.202.223
Adobe ≫ Flash Player Version11.2.202.228
Adobe ≫ Flash Player Version11.2.202.233
Adobe ≫ Flash Player Version11.2.202.235
Adobe ≫ Flash Player Version11.2.202.236
Adobe ≫ Flash Player Version11.2.202.238
Adobe ≫ Flash Player Version11.2.202.243
Adobe ≫ Flash Player Version11.2.202.251
Adobe ≫ Flash Player Version11.2.202.258
Adobe ≫ Flash Player Version11.2.202.261
Adobe ≫ Flash Player Version11.2.202.262
Adobe ≫ Flash Player Version11.2.202.270
Adobe ≫ Flash Player Version11.2.202.273
Adobe ≫ Flash Player Version11.2.202.275
Adobe ≫ Flash Player Version11.2.202.280
Adobe ≫ Flash Player Version11.2.202.285
Adobe ≫ Flash Player Version11.2.202.291
Adobe ≫ Flash Player Version11.2.202.297
Adobe ≫ Flash Player Version11.2.202.310
Adobe ≫ Flash Player Version11.2.202.332
Adobe ≫ Flash Player Version11.2.202.335
Adobe ≫ Flash Player Version11.2.202.336
Adobe ≫ Flash Player Version11.2.202.341
Adobe ≫ Flash Player Version11.2.202.346
Adobe ≫ Flash Player Version11.2.202.350
Adobe ≫ Flash Player Version11.2.202.356
Adobe ≫ Flash Player Version11.2.202.359
Adobe ≫ Flash Player Version11.2.202.378
Adobe ≫ Flash Player Version11.2.202.394
Adobe ≫ Flash Player Version11.2.202.400
Adobe ≫ Adobe Air Sdk Version <= 15.0.0.249
Adobe ≫ Adobe Air Sdk Version13.0.0.83
Adobe ≫ Adobe Air Sdk Version13.0.0.111
Adobe ≫ Adobe Air Sdk Version14.0.0.110
Adobe ≫ Adobe Air Sdk Version14.0.0.137
Adobe ≫ Adobe Air Sdk Version14.0.0.178
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 5.07% | 0.912 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 10 | 10 | 10 |
AV:N/AC:L/Au:N/C:C/I:C/A:C
|
CWE-94 Improper Control of Generation of Code ('Code Injection')
The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.
http://helpx.adobe.com/security/products/flash-player/apsb14-22.html
http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00002.html
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00013.html
http://lists.opensuse.org/opensuse-updates/2014-10/msg00033.html
http://rhn.redhat.com/errata/RHSA-2014-1648.html
http://secunia.com/advisories/61980
http://www.securitytracker.com/id/1031019