Heap-based Buffer Overflow in Adobe Flash Player and AIR
CVE-2014-0559

Currently unrated

Key Information:

Vendor: Adobe
Status: Adobe Air
Vendor: CVE Published:; 10 September 2014

Summary

A heap-based buffer overflow vulnerability exists in Adobe Flash Player and Adobe AIR that enables attackers to execute arbitrary code. This flaw can be exploited via unspecified vectors, demonstrating an increased risk on affected systems. This vulnerability differentiates itself from similar vulnerabilities and affects various platforms including Windows, OS X, and Linux.

References

http://security.gentoo.org/glsa/glsa-201409-05.xml

vendor-advisoryx_refsource_GENTOO

http://secunia.com/advisories/61089

third-party-advisoryx_refsource_SECUNIA

http://lists.opensuse.org/opensuse-security-announce/2014...

vendor-advisoryx_refsource_SUSE

EPSS Score

19% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Sep 10, 2014
Vulnerability Reserved
Dec 20, 2013