7.5
CVE-2014-8442
- EPSS 5.34%
- Veröffentlicht 11.11.2014 23:55:02
- Zuletzt bearbeitet 06.05.2026 22:30:45
- Quelle psirt@adobe.com
- CVE-Watchlists
- Unerledigt
Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow attackers to complete a transition from Low Integrity to Medium Integrity by leveraging incorrect permissions.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Adobe ≫ Flash Player Version >= 11.0 < 11.2.202.418
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 5.34% | 0.916 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00013.html
http://helpx.adobe.com/security/products/flash-player/apsb14-24.html
http://www.securityfocus.com/bid/71040
https://exchange.xforce.ibmcloud.com/vulnerabilities/98630