CVE-2014-0537

CWE-2647 documents6 sources
Severity
7.5HIGH
EPSS
2.0%
top 16.49%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Adobe Adobe AIRAdobe Adobe AIR SDKAdobe Flash Player
Timeline
PublishedJul 9
Latest updateMay 17

Description

Adobe Flash Player before 13.0.0.231 and 14.x before 14.0.0.145 on Windows and OS X and before 11.2.202.394 on Linux, Adobe AIR before 14.0.0.137 on Android, Adobe AIR SDK before 14.0.0.137, and Adobe AIR SDK & Compiler before 14.0.0.137 allow attackers to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2014-0539.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages4 packages

NVDadobe/flash_player13.0.0.223+33
NVDadobe/adobe_air14.0.0.110+2
NVDadobe/adobe_air_sdk14.0.0.110+2
Ubuntuflashplugin-nonfree< 11.2.202.394ubuntu0.14.04.1

🔴Vulnerability Details

3
GHSA
GHSA-fmf5-q6q9-5pp3: Adobe Flash Player before 132022-05-17
CVEList
CVE-2014-0537: Adobe Flash Player before 132014-07-09
OSV
CVE-2014-0537: Adobe Flash Player before 132014-07-09

📋Vendor Advisories

2
Red Hat
flash-plugin: security protection bypass (APSB14-17)2014-07-08
Red Hat
flash-plugin: security protection bypass (APSB14-17)2014-07-08

💬Community

1
Bugzilla
CVE-2014-0537 CVE-2014-0539 flash-plugin: security protection bypass (APSB14-17)2014-07-09