10
CVE-2014-9163
- EPSS 12.84%
- Veröffentlicht 10.12.2014 21:59:35
- Zuletzt bearbeitet 12.04.2025 10:46:40
- Quelle psirt@adobe.com
- Teams Watchlist Login
- Unerledigt Login
Stack-based buffer overflow in Adobe Flash Player before 13.0.0.259 and 14.x and 15.x before 15.0.0.246 on Windows and OS X and before 11.2.202.425 on Linux allows attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in December 2014.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Adobe ≫ Flash Player Version >= 11.0 < 11.2.202.425
13.04.2022: CISA Known Exploited Vulnerabilities (KEV) Catalog
Adobe Flash Player Stack-Based Buffer Overflow Vulnerability
SchwachstelleStack-based buffer overflow in Adobe Flash Player allows attackers to execute code remotely.
BeschreibungThe impacted product is end-of-life and should be disconnected if still in use.
Erforderliche Maßnahmen| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 12.84% | 0.936 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 10 | 10 | 10 |
AV:N/AC:L/Au:N/C:C/I:C/A:C
|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 9.8 | 3.9 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
CWE-121 Stack-based Buffer Overflow
A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).