CVE-2014-0497
Adobe Flash Player Integer Underflow Vulnerablity
Severity Score
8.8
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
2
*Multiple Sources
Exploited in Wild
Yes
*KEV
Decision
Act
*SSVC
Descriptions
Integer underflow in Adobe Flash Player before 11.7.700.261 and 11.8.x through 12.0.x before 12.0.0.44 on Windows and Mac OS X, and before 11.2.202.336 on Linux, allows remote attackers to execute arbitrary code via unspecified vectors.
Desbordamiento inferior de enteros en Adobe Flash Player anterior a 11.7.700.261 y 11.8.x hasta 12.0.x anterior a 12.0.0.44 en Windows y Mac OS X, y anterior a 11.2.202.336 en Linux, permite a atacantes remotos ejecutar código arbitrario a través de vectores no especificados.
Adobe Flash Player contains an integer underflow vulnerability that allows a remote attacker to execute arbitrary code.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:Act
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2013-12-20 CVE Reserved
- 2014-02-05 CVE Published
- 2014-05-06 First Exploit
- 2024-09-17 Exploited in Wild
- 2024-09-18 CVE Updated
- 2024-09-20 EPSS Updated
- 2024-10-08 KEV Due Date
CWE
- CWE-189: Numeric Errors
- CWE-190: Integer Overflow or Wraparound
- CWE-191: Integer Underflow (Wrap or Wraparound)
CAPEC
References (19)
URL | Tag | Source |
---|---|---|
http://googlechromereleases.blogspot.com/2014/02/stable-channel-update.html | Third Party Advisory | |
http://secunia.com/advisories/56437 | Third Party Advisory | |
http://secunia.com/advisories/56737 | Third Party Advisory | |
http://secunia.com/advisories/56780 | Third Party Advisory | |
http://secunia.com/advisories/56799 | Third Party Advisory | |
http://secunia.com/advisories/56839 | Third Party Advisory | |
http://www.osvdb.org/102849 | Broken Link | |
http://www.securityfocus.com/bid/65327 | Third Party Advisory | |
http://www.securitytracker.com/id/1029715 | Third Party Advisory | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/90884 | Third Party Advisory |
URL | Date | SRC |
---|---|---|
https://www.exploit-db.com/exploits/33212 | 2014-05-06 | |
http://www.exploit-db.com/exploits/33212 | 2024-09-18 |
URL | Date | SRC |
---|---|---|
http://helpx.adobe.com/security/products/flash-player/apsb14-04.html | 2018-12-13 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Adobe Search vendor "Adobe" | Flash Player Search vendor "Adobe" for product "Flash Player" | >= 11.0 < 11.2.202.336 Search vendor "Adobe" for product "Flash Player" and version " >= 11.0 < 11.2.202.336" | - |
Affected
| in | Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | * | - |
Safe
|
Adobe Search vendor "Adobe" | Flash Player Search vendor "Adobe" for product "Flash Player" | >= 11.0 < 11.7.700.261 Search vendor "Adobe" for product "Flash Player" and version " >= 11.0 < 11.7.700.261" | - |
Affected
| in | Apple Search vendor "Apple" | Mac Os X Search vendor "Apple" for product "Mac Os X" | * | - |
Safe
|
Adobe Search vendor "Adobe" | Flash Player Search vendor "Adobe" for product "Flash Player" | >= 11.0 < 11.7.700.261 Search vendor "Adobe" for product "Flash Player" and version " >= 11.0 < 11.7.700.261" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | - | - |
Safe
|
Adobe Search vendor "Adobe" | Flash Player Search vendor "Adobe" for product "Flash Player" | >= 11.8 < 12.0.0.44 Search vendor "Adobe" for product "Flash Player" and version " >= 11.8 < 12.0.0.44" | - |
Affected
| in | Apple Search vendor "Apple" | Mac Os X Search vendor "Apple" for product "Mac Os X" | * | - |
Safe
|
Adobe Search vendor "Adobe" | Flash Player Search vendor "Adobe" for product "Flash Player" | >= 11.8 < 12.0.0.44 Search vendor "Adobe" for product "Flash Player" and version " >= 11.8 < 12.0.0.44" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | - | - |
Safe
|