CVE-2014-9162 — Sensitive Information Exposure in Adobe Flash Player

CWE-200 — Sensitive Information Exposure5 documents5 sources

Severity

10.0CRITICALNVD

EPSS

1.9%

top 16.72%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Adobe Flash Player

Timeline

PublishedDec 10

Latest updateMay 14

Description

Adobe Flash Player before 13.0.0.259 and 14.x through 16.x before 16.0.0.235 on Windows and OS X and before 11.2.202.425 on Linux allows attackers to obtain sensitive information via unspecified vectors.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

▶NVDadobe/flash_player13.0 — 13.0.0.259+3

🔴Vulnerability Details

GHSA

GHSA-ghh8-fpp6-8pxm: Adobe Flash Player before 13↗2022-05-14

▶

OSV

CVE-2014-9162: Adobe Flash Player before 13↗2014-12-10

▶

📋Vendor Advisories

Red Hat

flash-plugin: Information disclosure vulnerability (APSB14-27)↗2014-12-10

▶

💬Community

Bugzilla

CVE-2014-9162 flash-plugin: Information disclosure vulnerability (APSB14-27)↗2014-12-10

▶