7.5
CVSSv2

CVE-2014-0539

Published: 09/07/2014 Updated: 05/08/2014
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

Adobe Flash Player prior to 13.0.0.231 and 14.x prior to 14.0.0.145 on Windows and OS X and prior to 11.2.202.394 on Linux, Adobe AIR prior to 14.0.0.137 on Android, Adobe AIR SDK prior to 14.0.0.137, and Adobe AIR SDK & Compiler prior to 14.0.0.137 allow malicious users to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2014-0537.

Affected Products

Vendor Product Versions
AdobeAdobe Air13.0.0.83, 13.0.0.111, 14.0.0.110
AdobeAdobe Air Sdk13.0.0.83, 13.0.0.111, 14.0.0.110
AdobeFlash Player11.2.202.223, 11.2.202.228, 11.2.202.233, 11.2.202.235, 11.2.202.236, 11.2.202.238, 11.2.202.243, 11.2.202.251, 11.2.202.258, 11.2.202.261, 11.2.202.262, 11.2.202.270, 11.2.202.273, 11.2.202.275, 11.2.202.280, 11.2.202.285, 11.2.202.291, 11.2.202.297, 11.2.202.310, 11.2.202.332, 11.2.202.335, 11.2.202.336, 11.2.202.341, 11.2.202.346, 11.2.202.350, 11.2.202.356, 11.2.202.359, 11.2.202.378, 13.0.0.182, 13.0.0.201, 13.0.0.206, 13.0.0.214, 13.0.0.223, 14.0.0.125

Vendor Advisories

Adobe Flash Player before 1300231 and 14x before 1400145 on Windows and OS X and before 112202394 on Linux, Adobe AIR before 1400137 on Android, Adobe AIR SDK before 1400137, and Adobe AIR SDK & Compiler before 1400137 allow attackers to bypass intended access restrictions via unspecified vectors, a different vulnerability th ...