CVE-2014-0539

CWE-2647 documents6 sources
Severity
7.5HIGH
EPSS
2.0%
top 16.49%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Adobe Adobe AIRAdobe Adobe AIR SDKAdobe Flash Player
Timeline
PublishedJul 9
Latest updateMay 17

Description

Adobe Flash Player before 13.0.0.231 and 14.x before 14.0.0.145 on Windows and OS X and before 11.2.202.394 on Linux, Adobe AIR before 14.0.0.137 on Android, Adobe AIR SDK before 14.0.0.137, and Adobe AIR SDK & Compiler before 14.0.0.137 allow attackers to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2014-0537.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages4 packages

NVDadobe/flash_player11.2.202.378+33
NVDadobe/adobe_air14.0.0.110+2
NVDadobe/adobe_air_sdk14.0.0.110+2
Ubuntuflashplugin-nonfree< 11.2.202.394ubuntu0.14.04.1

🔴Vulnerability Details

3
GHSA
GHSA-ccmv-4c56-j442: Adobe Flash Player before 132022-05-17
CVEList
CVE-2014-0539: Adobe Flash Player before 132014-07-09
OSV
CVE-2014-0539: Adobe Flash Player before 132014-07-09

📋Vendor Advisories

2
Red Hat
flash-plugin: security protection bypass (APSB14-17)2014-07-08
Red Hat
flash-plugin: security protection bypass (APSB14-17)2014-07-08

💬Community

1
Bugzilla
CVE-2014-0537 CVE-2014-0539 flash-plugin: security protection bypass (APSB14-17)2014-07-09
CVE-2014-0539 (HIGH CVSS 7.5) | Adobe Flash Player before 13.0.0.23 | cvebase.io