Arbitrary Code Execution and Denial of Service in Adobe Flash Player and AIR
CVE-2014-0555

Currently unrated

Key Information:

Vendor: Adobe
Status: Adobe Air
Vendor: CVE Published:; 10 September 2014

Summary

This vulnerability allows attackers to exploit Adobe Flash Player and Adobe AIR applications before designated versions to execute arbitrary code or trigger a denial of service via unspecified vectors, potentially leading to memory corruption issues. This vulnerability, affecting various platforms including Windows, OS X, and Linux, presents significant risks to users who have not updated their software. It is critical to ensure your applications are running the latest versions to mitigate these risks.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/95825

vdb-entryx_refsource_XF

http://security.gentoo.org/glsa/glsa-201409-05.xml

vendor-advisoryx_refsource_GENTOO

http://www.securityfocus.com/bid/69706

vdb-entryx_refsource_BID

EPSS Score

5% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Sep 10, 2014
Vulnerability Reserved
Dec 20, 2013