Multiple vulnerabilities in Adobe Flash Player

Описание

Multiple serious vulnerabilities have been found in the following Adobe Flash Player versions: 13.0.0.206 and earlier for Windows, Mac OS; 11.2.202.356 and earlier for Linux and Adobe AIR SDK & Compiler version 13.0.0.83. Malicious users can exploit these vulnerabilities to bypass a sandbox protection mechanism, the same-origin policy and access restrictions, or execute arbitrary code

Below is a complete list of vulnerabilities

1. heap-based buffer overflow can be exploited to execute arbitrary code and bypass the sandbox.
2. some unspecified attack vectors can be exploited to bypass the same-origin policy and access restrictions.

Первичный источник обнаружения

• Adobe bulletin
  

Связанные продукты

• Adobe-Flash-Player-ActiveX
• Adobe-Flash-Player-NPAPI
• Macromedia-Flash-Player

Список CVE

• CVE-2014-0517
  critical
• CVE-2014-0518
  critical
• CVE-2014-0520
  critical
• CVE-2014-0519
  critical
• CVE-2014-0510
  critical
• CVE-2014-0516
  critical

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com