KLA10003
Multiple vulnerabilities in Adobe Flash Player
Обновлено: 07/03/2019
Дата обнаружения
27/06/2014
Уровень угрозы
Critical
Описание

Multiple serious vulnerabilities have been found in the following Adobe Flash Player versions: 13.0.0.206 and earlier for Windows, Mac OS; 11.2.202.356 and earlier for Linux and Adobe AIR SDK & Compiler version 13.0.0.83. Malicious users can exploit these vulnerabilities to bypass a sandbox protection mechanism, the same-origin policy and access restrictions, or execute arbitrary code

Below is a complete list of vulnerabilities

  1. heap-based buffer overflow can be exploited to execute arbitrary code and bypass the sandbox.
  2. some unspecified attack vectors can be exploited to bypass the same-origin policy and access restrictions.
Пораженные продукты

Flash Player 13.0.0.206 and earlier versions for Windows and Mac OS,
Flash Player 11.2.202.356 and earlier for Linux,
AIR 13.0.0.83 SDK & Compiler.

Решение

Update to latest version
Flash Player

Первичный источник обнаружения
Adobe bulletin
Оказываемое влияние
?
ACE 
[?]

SB 
[?]
Связанные продукты
Adobe Flash Player ActiveX
Adobe Flash Player NPAPI
Macromedia Flash Player
CVE-IDS
CVE-2014-05177.5Critical
CVE-2014-05187.5Critical
CVE-2014-05207.5Critical
CVE-2014-05197.5Critical
CVE-2014-051010.0Critical
CVE-2014-05167.5Critical