CVE-2014-0583
Gentoo Linux Security Advisory 201411-06
Severity Score
9.8
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Heap-based buffer overflow in Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allows attackers to complete a transition from Low Integrity to Medium Integrity via unspecified vectors.
Desbordamiento de buffer basado en memoria dinámica en Adobe Flash Player anterior a 13.0.0.252 y 14.x y 15.x anterior a 15.0.0.223 en Windows y OS X y anterior a 11.2.202.418 en Linux, Adobe AIR anterior a 15.0.0.356, Adobe AIR SDK anterior a 15.0.0.356, y Adobe AIR SDK & Compiler anterior a 15.0.0.356 permite a atacantes completar una transición de integridad baja a integridad media a través de vectores no especificados.
Multiple vulnerabilities have been found in Adobe Flash Player, the worst of which allows remote attackers to execute arbitrary code. Versions less than 11.2.202.418 are affected.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2013-12-20 CVE Reserved
- 2014-11-11 CVE Published
- 2024-08-06 CVE Updated
- 2025-04-12 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
References (3)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/71035 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://helpx.adobe.com/security/products/flash-player/apsb14-24.html | 2018-12-13 |
| URL | Date | SRC |
|---|---|---|
| http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00013.html | 2018-12-13 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Adobe Search vendor "Adobe" | Flash Player Search vendor "Adobe" for product "Flash Player" | >= 13.0 < 13.0.0.252 Search vendor "Adobe" for product "Flash Player" and version " >= 13.0 < 13.0.0.252" | - |
Affected
| in | Apple Search vendor "Apple" | Mac Os X Search vendor "Apple" for product "Mac Os X" | * | - |
Safe
|
| Adobe Search vendor "Adobe" | Flash Player Search vendor "Adobe" for product "Flash Player" | >= 13.0 < 13.0.0.252 Search vendor "Adobe" for product "Flash Player" and version " >= 13.0 < 13.0.0.252" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | * | - |
Safe
|
| Adobe Search vendor "Adobe" | Flash Player Search vendor "Adobe" for product "Flash Player" | >= 14.0 <= 14.0.0.179 Search vendor "Adobe" for product "Flash Player" and version " >= 14.0 <= 14.0.0.179" | - |
Affected
| in | Apple Search vendor "Apple" | Mac Os X Search vendor "Apple" for product "Mac Os X" | * | - |
Safe
|
| Adobe Search vendor "Adobe" | Flash Player Search vendor "Adobe" for product "Flash Player" | >= 14.0 <= 14.0.0.179 Search vendor "Adobe" for product "Flash Player" and version " >= 14.0 <= 14.0.0.179" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | * | - |
Safe
|
| Adobe Search vendor "Adobe" | Flash Player Search vendor "Adobe" for product "Flash Player" | >= 15.0 < 15.0.0.223 Search vendor "Adobe" for product "Flash Player" and version " >= 15.0 < 15.0.0.223" | - |
Affected
| in | Apple Search vendor "Apple" | Mac Os X Search vendor "Apple" for product "Mac Os X" | * | - |
Safe
|
| Adobe Search vendor "Adobe" | Flash Player Search vendor "Adobe" for product "Flash Player" | >= 15.0 < 15.0.0.223 Search vendor "Adobe" for product "Flash Player" and version " >= 15.0 < 15.0.0.223" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | * | - |
Safe
|
| Adobe Search vendor "Adobe" | Flash Player Search vendor "Adobe" for product "Flash Player" | >= 11.0 < 11.2.202.418 Search vendor "Adobe" for product "Flash Player" and version " >= 11.0 < 11.2.202.418" | - |
Affected
| in | Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | * | - |
Safe
|
| Adobe Search vendor "Adobe" | Air Sdk Search vendor "Adobe" for product "Air Sdk" | <= 15.0.0.356 Search vendor "Adobe" for product "Air Sdk" and version " <= 15.0.0.356" | - |
Affected
| ||||||
| Adobe Search vendor "Adobe" | Air Search vendor "Adobe" for product "Air" | <= 15.0.0.356 Search vendor "Adobe" for product "Air" and version " <= 15.0.0.356" | - |
Affected
| ||||||
| Adobe Search vendor "Adobe" | Air Sdk \& Compiler Search vendor "Adobe" for product "Air Sdk \& Compiler" | < 15.0.0.356 Search vendor "Adobe" for product "Air Sdk \& Compiler" and version " < 15.0.0.356" | - |
Affected
| ||||||