// For flags

CVE-2014-0585

flash-plugin: multiple code execution flaws (APSB14-24)

Severity Score

10.0
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2014-0577, CVE-2014-0584, CVE-2014-0586, and CVE-2014-0590.

Adobe Flash Player anterior a 13.0.0.252 y 14.x y 15.x anterior a 15.0.0.223 en Windows y OS X y anterior a 11.2.202.418 en Linux, Adobe AIR anterior a 15.0.0.356, Adobe AIR SDK anterior a 15.0.0.356, y Adobe AIR SDK & Compiler anterior a 15.0.0.356 permiten a atacantes ejecutar código arbitrario mediante el aprovechamiento de una 'confusión de tipo' no especificada, una vulnerabilidad diferente a CVE-2014-0577, CVE-2014-0584, CVE-2014-0586, y CVE-2014-0590.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
Complete
Integrity
Complete
Availability
Complete
Attack Vector
Network
Attack Complexity
Medium
Authentication
None
Confidentiality
Partial
Integrity
Partial
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2013-12-20 CVE Reserved
  • 2014-11-11 CVE Published
  • 2023-04-26 EPSS Updated
  • 2024-08-06 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-94: Improper Control of Generation of Code ('Code Injection')
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Adobe
Search vendor "Adobe"
Flash Player
Search vendor "Adobe" for product "Flash Player"
>= 13.0 < 13.0.0.252
Search vendor "Adobe" for product "Flash Player" and version " >= 13.0 < 13.0.0.252"
-
Affected
in Apple
Search vendor "Apple"
Mac Os X
Search vendor "Apple" for product "Mac Os X"
*-
Safe
Adobe
Search vendor "Adobe"
Flash Player
Search vendor "Adobe" for product "Flash Player"
>= 13.0 < 13.0.0.252
Search vendor "Adobe" for product "Flash Player" and version " >= 13.0 < 13.0.0.252"
-
Affected
in Microsoft
Search vendor "Microsoft"
Windows
Search vendor "Microsoft" for product "Windows"
*-
Safe
Adobe
Search vendor "Adobe"
Flash Player
Search vendor "Adobe" for product "Flash Player"
>= 14.0 <= 14.0.0.179
Search vendor "Adobe" for product "Flash Player" and version " >= 14.0 <= 14.0.0.179"
-
Affected
in Apple
Search vendor "Apple"
Mac Os X
Search vendor "Apple" for product "Mac Os X"
*-
Safe
Adobe
Search vendor "Adobe"
Flash Player
Search vendor "Adobe" for product "Flash Player"
>= 14.0 <= 14.0.0.179
Search vendor "Adobe" for product "Flash Player" and version " >= 14.0 <= 14.0.0.179"
-
Affected
in Microsoft
Search vendor "Microsoft"
Windows
Search vendor "Microsoft" for product "Windows"
*-
Safe
Adobe
Search vendor "Adobe"
Flash Player
Search vendor "Adobe" for product "Flash Player"
>= 15.0 < 15.0.0.223
Search vendor "Adobe" for product "Flash Player" and version " >= 15.0 < 15.0.0.223"
-
Affected
in Apple
Search vendor "Apple"
Mac Os X
Search vendor "Apple" for product "Mac Os X"
*-
Safe
Adobe
Search vendor "Adobe"
Flash Player
Search vendor "Adobe" for product "Flash Player"
>= 15.0 < 15.0.0.223
Search vendor "Adobe" for product "Flash Player" and version " >= 15.0 < 15.0.0.223"
-
Affected
in Microsoft
Search vendor "Microsoft"
Windows
Search vendor "Microsoft" for product "Windows"
*-
Safe
Adobe
Search vendor "Adobe"
Flash Player
Search vendor "Adobe" for product "Flash Player"
>= 11.0 < 11.2.202.418
Search vendor "Adobe" for product "Flash Player" and version " >= 11.0 < 11.2.202.418"
-
Affected
in Linux
Search vendor "Linux"
Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
*-
Safe
Adobe
Search vendor "Adobe"
Air Sdk
Search vendor "Adobe" for product "Air Sdk"
<= 15.0.0.356
Search vendor "Adobe" for product "Air Sdk" and version " <= 15.0.0.356"
-
Affected
Adobe
Search vendor "Adobe"
Air
Search vendor "Adobe" for product "Air"
<= 15.0.0.356
Search vendor "Adobe" for product "Air" and version " <= 15.0.0.356"
-
Affected
Adobe
Search vendor "Adobe"
Air Sdk \& Compiler
Search vendor "Adobe" for product "Air Sdk \& Compiler"
< 15.0.0.356
Search vendor "Adobe" for product "Air Sdk \& Compiler" and version " < 15.0.0.356"
-
Affected