Cross-Site Scripting Vulnerability in Adobe Flash Player and Adobe AIR
CVE-2014-0532

Currently unrated

Key Information:

Vendor: Adobe
Status: Adobe Air Sdk
Vendor: CVE Published:; 11 June 2014

Summary

This vulnerability allows remote attackers to inject arbitrary web scripts or HTML into affected products due to improper input validation. The exploitation occurs through unspecified vectors, enabling potential breaches that compromise user security. Both Adobe Flash Player and Adobe AIR are affected, highlighting the need for immediate updates to secure systems against these attacks.

References

http://www.securityfocus.com/bid/67973

vdb-entryx_refsource_BID

http://lists.opensuse.org/opensuse-updates/2014-06/msg000...

vendor-advisoryx_refsource_SUSE

http://lists.opensuse.org/opensuse-updates/2014-06/msg000...

vendor-advisoryx_refsource_SUSE

Timeline

Vulnerability published
Jun 11, 2014
Vulnerability Reserved
Dec 20, 2013