CVE-2014-0507

CWE-119Buffer Overflow5 documents5 sources
Severity
9.3CRITICAL
EPSS
4.0%
top 11.60%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Adobe Adobe AIRAdobe Adobe AIR SDKAdobe Flash Player
Timeline
PublishedApr 8
Latest updateMay 17

Description

Buffer overflow in Adobe Flash Player before 11.7.700.275 and 11.8.x through 13.0.x before 13.0.0.182 on Windows and OS X and before 11.2.202.350 on Linux, Adobe AIR before 13.0.0.83 on Android, Adobe AIR SDK before 13.0.0.83, and Adobe AIR SDK & Compiler before 13.0.0.83 allows attackers to execute arbitrary code via unspecified vectors.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages3 packages

NVDadobe/flash_player11.2.202.346+77
NVDadobe/adobe_air4.0.0.1390+56
NVDadobe/adobe_air_sdk4.0.0.1628+23

🔴Vulnerability Details

2
GHSA
GHSA-3c5p-wmcv-3jvc: Buffer overflow in Adobe Flash Player before 112022-05-17
CVEList
CVE-2014-0507: Buffer overflow in Adobe Flash Player before 112014-04-08

📋Vendor Advisories

1
Red Hat
flash-plugin: two flaws leading to code execution (APSB14-09)2014-04-08

💬Community

1
Bugzilla
CVE-2014-0506 CVE-2014-0507 flash-plugin: two flaws leading to code execution (APSB14-09)2014-04-09
CVE-2014-0507 (CRITICAL CVSS 9.3) | Buffer overflow in Adobe Flash Play | cvebase.io