CVE-2014-0502
published 2014-02-21CVE-2014-0502: Double free vulnerability in Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x before 12.0.0.70 on Windows and Mac OS X and before 11.2.202.341…
high8.8CVSS 3.1
AVNACLPRNUIRSUCHIHAH
KEVITW
CISA Known Exploited Vulnerabilitydue 2024-10-08
Exploited in the wild
Double free vulnerability in Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x before 12.0.0.70 on Windows and Mac OS X and before 11.2.202.341 on Linux, Adobe AIR before 4.0.0.1628 on Android, Adobe AIR SDK before 4.0.0.1628, and Adobe AIR SDK & Compiler before 4.0.0.1628 allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in February 2014.
Affected
17 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| adobe | adobe_air | < 4.0.0.1628 | 4.0.0.1628 |
| adobe | adobe_air_sdk | < 4.0.0.1628 | 4.0.0.1628 |
| adobe | flash_player | < 11.7.700.269 | 11.7.700.269 |
| adobe | flash_player | < 11.2.202.341 | 11.2.202.341 |
| adobe | flash_player | >= 11.8.800.94 < 12.0.0.70 | 12.0.0.70 |
| opensuse | opensuse | — | — |
| opensuse | opensuse | — | — |
| opensuse | opensuse | — | — |
| redhat | enterprise_linux_desktop | — | — |
| redhat | enterprise_linux_desktop | — | — |
| redhat | enterprise_linux_eus | — | — |
| redhat | enterprise_linux_server | — | — |
| redhat | enterprise_linux_server | — | — |
| redhat | enterprise_linux_server_aus | — | — |
| redhat | enterprise_linux_workstation | — | — |
| redhat | enterprise_linux_workstation | — | — |
| suse | linux_enterprise_desktop | — | — |
CVSS provenance
nvdv3.18.8HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
vulncheck8.8HIGH
cisa8.8HIGH