Cross-Site Scripting Vulnerability in Adobe Flash Player
CVE-2014-0531

Currently unrated

Key Information:

Vendor: Adobe
Status: Adobe Air
Vendor: CVE Published:; 11 June 2014

Summary

A cross-site scripting vulnerability exists in Adobe Flash Player and Adobe AIR versions 11 and 14 prior to specified updates. This vulnerability can allow remote attackers to inject arbitrary web scripts or HTML into affected environments, potentially leading to unauthorized access or data theft. The exploitation is conducted via unspecified vectors distinct from other vulnerabilities reported in the same timeframe. It is critical for organizations using affected versions to implement the necessary updates to mitigate risks associated with this vulnerability.

References

http://www.securityfocus.com/bid/67962

vdb-entryx_refsource_BID

http://lists.opensuse.org/opensuse-updates/2014-06/msg000...

vendor-advisoryx_refsource_SUSE

http://lists.opensuse.org/opensuse-updates/2014-06/msg000...

vendor-advisoryx_refsource_SUSE

Timeline

Vulnerability published
Jun 11, 2014
Vulnerability Reserved
Dec 20, 2013