Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
10
CVSSv2

CVE-2014-0492

Published: 15/01/2014 Updated: 13/12/2018
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
VMScore: 890
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Subscribe to Adobe

Vulnerability Summary

Adobe Flash Player prior to 11.7.700.260 and 11.8.x and 11.9.x prior to 12.0.0.38 on Windows and Mac OS X and prior to 11.2.202.335 on Linux, Adobe AIR prior to 4.0.0.1390, Adobe AIR SDK prior to 4.0.0.1390, and Adobe AIR SDK & Compiler prior to 4.0.0.1390 allow malicious users to defeat the ASLR protection mechanism by leveraging an "address leak."

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

adobe flash_player

adobe adobe air sdk

adobe adobe air

Vendor Advisories

Red Hat: Critical: flash-plugin security update
Synopsis Critical: flash-plugin security update Type/Severity Security Advisory: Critical Topic An updated Adobe Flash Player package that fixes two security issues is nowavailable for Red Hat Enterprise Linux 5 and 6 SupplementaryThe Red Hat Security Response Team has rated this update as having criticals ...
Red Hat: CVE-2014-0492
Adobe Flash Player before 117700260 and 118x and 119x before 120038 on Windows and Mac OS X and before 112202335 on Linux, Adobe AIR before 4001390, Adobe AIR SDK before 4001390, and Adobe AIR SDK & Compiler before 4001390 allow attackers to defeat the ASLR protection mechanism by leveraging an "address leak" ...

Recent Articles

Adobe’s First Patch Tuesday of 2014
Securelist • Roel Schouwenberg • 14 Jan 2014

This month’s Adobe Patch Tuesday release sees fixes for Flash Player, Acrobat and Reader. All vulnerabilities get the highest priority rating. This means future exploits are likely. The Flash Player bulletin was only announced today. CVE-2014-0491 and CVE-2014-0492 both concern remote code execution vulnerabilities. CVE-2014-0493, CVE-2014-0495 and CVE-2014-0496 affect Acrobat and Reader. These CVEs also concern remote code execution vulnerabilities. All of this month’s vulnerabilities we...

Read more...

References

CWE-264http://helpx.adobe.com/security/products/flash-player/apsb14-02.htmlhttp://rhn.redhat.com/errata/RHSA-2014-0028.htmlhttp://www.securitytracker.com/id/1029602http://secunia.com/advisories/56516http://secunia.com/advisories/56636http://lists.opensuse.org/opensuse-security-announce/2014-01/msg00006.htmlhttps://access.redhat.com/errata/RHSA-2014:0028https://nvd.nist.govhttps://access.redhat.com/security/cve/cve-2014-0492
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-47626CVE-2024-3400physicalCVE-2024-31426CVE-2024-22423CVE-2024-22438injectlocal usersCVE-2024-3797
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook