CVE-2014-0515
Adobe Flash Player Shader Buffer Overflow
Severity Score
10.0
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
2
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Buffer overflow in Adobe Flash Player before 11.7.700.279 and 11.8.x through 13.0.x before 13.0.0.206 on Windows and OS X, and before 11.2.202.356 on Linux, allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in April 2014.
Desbordamiento de buffer en Adobe Flash Player anterior a 11.7.700.279 y 11.8.x hasta 13.0.x anterior a 13.0.0.206 en Windows y OS X y anterior a 11.2.202.356 en Linux, permite a atacantes remotos ejecutar código arbitrario a través de vectores no especificados, tal y como fue explotado activamente en abril 2014.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2013-12-20 CVE Reserved
- 2014-04-28 First Exploit
- 2014-04-29 CVE Published
- 2024-08-06 CVE Updated
- 2024-09-21 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
References (13)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/67092 | Third Party Advisory | |
| http://www.securitytracker.com/id/1030155 | Third Party Advisory | |
| http://www.securelist.com/en/blog/8212/New_Flash_Player_0_day_CVE_2014_0515_used_in_watering_hole_attacks |
| URL | Date | SRC |
|---|---|---|
| http://helpx.adobe.com/security/products/flash-player/apsb14-13.html | 2014-04-28 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Adobe Search vendor "Adobe" | Flash Player Search vendor "Adobe" for product "Flash Player" | >= 11.0 < 11.2.202.346 Search vendor "Adobe" for product "Flash Player" and version " >= 11.0 < 11.2.202.346" | - |
Affected
| in | Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | * | - |
Safe
|
| Adobe Search vendor "Adobe" | Flash Player Search vendor "Adobe" for product "Flash Player" | >= 11.0 < 11.7.700.279 Search vendor "Adobe" for product "Flash Player" and version " >= 11.0 < 11.7.700.279" | - |
Affected
| in | Apple Search vendor "Apple" | Mac Os X Search vendor "Apple" for product "Mac Os X" | * | - |
Safe
|
| Adobe Search vendor "Adobe" | Flash Player Search vendor "Adobe" for product "Flash Player" | >= 11.0 < 11.7.700.279 Search vendor "Adobe" for product "Flash Player" and version " >= 11.0 < 11.7.700.279" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | - | - |
Safe
|
| Adobe Search vendor "Adobe" | Flash Player Search vendor "Adobe" for product "Flash Player" | >= 11.8 < 13.0.0.206 Search vendor "Adobe" for product "Flash Player" and version " >= 11.8 < 13.0.0.206" | - |
Affected
| in | Apple Search vendor "Apple" | Mac Os X Search vendor "Apple" for product "Mac Os X" | * | - |
Safe
|
| Adobe Search vendor "Adobe" | Flash Player Search vendor "Adobe" for product "Flash Player" | >= 11.8 < 13.0.0.206 Search vendor "Adobe" for product "Flash Player" and version " >= 11.8 < 13.0.0.206" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | - | - |
Safe
|