Arbitrary Code Execution and Denial of Service in Adobe Flash Player and AIR
CVE-2014-0551

Currently unrated

Key Information:

Vendor: Adobe
Status: Adobe Air
Vendor: CVE Published:; 10 September 2014

Summary

Adobe Flash Player and Adobe AIR contain a vulnerability that allows attackers to execute arbitrary code or cause a denial of service through memory corruption. This vulnerability affects various versions of Adobe Flash Player and AIR across multiple operating systems, including Windows, OS X, and Linux. Exploiting this flaw may enable unauthorized actions on affected systems, leading to potential data breaches and disruptions.

References

http://security.gentoo.org/glsa/glsa-201409-05.xml

vendor-advisoryx_refsource_GENTOO

http://secunia.com/advisories/61089

third-party-advisoryx_refsource_SECUNIA

http://lists.opensuse.org/opensuse-security-announce/2014...

vendor-advisoryx_refsource_SUSE

EPSS Score

5% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Sep 10, 2014
Vulnerability Reserved
Dec 20, 2013