KLA10003
Multiple vulnerabilities in Adobe Flash Player
Updated: 03/07/2019
Detect date
?
06/27/2014
Severity
?
Critical
Description

Multiple serious vulnerabilities have been found in the following Adobe Flash Player versions: 13.0.0.206 and earlier for Windows, Mac OS; 11.2.202.356 and earlier for Linux and Adobe AIR SDK & Compiler version 13.0.0.83. Malicious users can exploit these vulnerabilities to bypass a sandbox protection mechanism, the same-origin policy and access restrictions, or execute arbitrary code

Below is a complete list of vulnerabilities

  1. heap-based buffer overflow can be exploited to execute arbitrary code and bypass the sandbox.
  2. some unspecified attack vectors can be exploited to bypass the same-origin policy and access restrictions.
Affected products

Flash Player 13.0.0.206 and earlier versions for Windows and Mac OS,
Flash Player 11.2.202.356 and earlier for Linux,
AIR 13.0.0.83 SDK & Compiler.

Solution

Update to latest version
Flash Player

Original advisories

Adobe bulletin

Impacts
?
ACE 
[?]

SB 
[?]
Related products
Adobe Flash Player ActiveX
Adobe Flash Player NPAPI
Macromedia Flash Player
CVE-IDS
?
CVE-2014-05177.5Critical
CVE-2014-05187.5Critical
CVE-2014-05207.5Critical
CVE-2014-05197.5Critical
CVE-2014-051010.0Critical
CVE-2014-05167.5Critical