CVE-2014-0557
published 2014-09-10CVE-2014-0557: Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on…
critical10CVSS 3.1
AVNACLAuNCCICAC
Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 do not properly restrict discovery of memory addresses, which allows attackers to bypass the ASLR protection mechanism via unspecified vectors.
Affected
53 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| adobe | adobe_air | <= 14.0.0.178 | — |
| adobe | adobe_air | <= 14.0.0.179 | — |
| adobe | adobe_air | — | — |
| adobe | adobe_air | — | — |
| adobe | adobe_air | — | — |
| adobe | adobe_air | — | — |
| adobe | adobe_air_sdk | <= 14.0.0.178 | — |
| adobe | adobe_air_sdk | — | — |
| adobe | adobe_air_sdk | — | — |
| adobe | adobe_air_sdk | — | — |
| adobe | adobe_air_sdk | — | — |
| adobe | flash_player | <= 11.2.202.400 | — |
| adobe | flash_player | <= 13.0.0.241 | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
CVSS provenance
nvd10.0CRITICALAV:N/AC:L/Au:N/C:C/I:C/A:C
osv10.0CRITICAL