You are here

CVE-2014-0498

Vincent (CVE) Danen's picture
Stack-based buffer overflow in Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x before 12.0.0.70 on Windows and Mac OS X and before 11.2.202.341 on Linux, Adobe AIR before 4.0.0.1628 on Android, Adobe AIR SDK before 4.0.0.1628, and Adobe AIR SDK & Compiler before 4.0.0.1628 allows attackers to execute arbitrary code via unspecified vectors.

Details Source

Mitre

Public Date

2014-02-20 00:00:00

Impact

Critical

Bugzilla

CVE-2014-0498 CVE-2014-0499 CVE-2014-0502 flash-plugin: multiple flaws lead to arbitrary code execution (APSB14-07)

Bugzilla ID

1 067 656

CVSS Status

verified

Base Score

6.80

Base Metrics

AV:N/AC:M/Au:N/C:P/I:P/A:P

External References

http://helpx.adobe.com/security/products/flash-player/apsb14-07.html

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux Supplementary 5 (flash-plugin) RHSA-2014:0196 2014-02-21
Red Hat Enterprise Linux Supplementary (v. 6) (flash-plugin) RHSA-2014:0196 2014-02-21