CVE-2014-0510Improper Restriction of Operations within the Bounds of a Memory Buffer in Adobe Flash Player

CWE-119Improper Restriction of Operations within the Bounds of a Memory BufferCWE-416Use After Free4 documents4 sources
Severity
10.0CRITICALNVD
EPSS
18.9%
top 4.67%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Adobe Flash Player
Timeline
PublishedMar 27
Latest updateMay 17

Description

Heap-based buffer overflow in Adobe Flash Player 12.0.0.77 allows remote attackers to execute arbitrary code and bypass a sandbox protection mechanism via unspecified vectors, as demonstrated by Zeguang Zhao and Liang Chen during a Pwn2Own competition at CanSecWest 2014.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

NVDadobe/flash_player12.0.0.77

🔴Vulnerability Details

1
GHSA
GHSA-v4fq-8fr9-cwvf: Heap-based buffer overflow in Adobe Flash Player 122022-05-17

📋Vendor Advisories

1
Red Hat
flash-plugin: use-after-free flaw leads to arbitrary code execution2014-03-13

💬Community

1
Bugzilla
CVE-2014-0510 flash-plugin: use-after-free flaw leads to arbitrary code execution2014-03-27