CVE-2014-0499
published 2014-02-21CVE-2014-0499: Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x before 12.0.0.70 on Windows and Mac OS X and before 11.2.202.341 on Linux, Adobe AIR before…
high7.8CVSS 3.1
AVNACLAuNCCINAN
Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x before 12.0.0.70 on Windows and Mac OS X and before 11.2.202.341 on Linux, Adobe AIR before 4.0.0.1628 on Android, Adobe AIR SDK before 4.0.0.1628, and Adobe AIR SDK & Compiler before 4.0.0.1628 do not prevent access to address information, which makes it easier for attackers to bypass the ASLR protection mechanism via unspecified vectors.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| adobe | adobe_air | < 4.0.0.1628 | 4.0.0.1628 |
| adobe | adobe_air_sdk | < 4.0.0.1628 | 4.0.0.1628 |
| adobe | flash_player | >= 11.0 < 11.7.700.269 | 11.7.700.269 |
| adobe | flash_player | >= 11.0 < 11.2.202.341 | 11.2.202.341 |
| adobe | flash_player | >= 11.8 < 11.8.800.175 | 11.8.800.175 |
| adobe | flash_player | >= 11.9 < 12.0.0.70 | 12.0.0.70 |