CVE-2014-0497
KEV
🔴 Łataj teraz
Niedobór całkowity w Adobe Flash Player umożliwia zdalne wykonanie kodu.
CVSS
9.8
EPSS
93.2%
Exploit
weaponized
Vendor
redhat
Opis źródłowy (NVD)
Integer underflow in Adobe Flash Player before 11.7.700.261 and 11.8.x through 12.0.x before 12.0.0.44 on Windows and Mac OS X, and before 11.2.202.336 on Linux, allows remote attackers to execute arbitrary code via unspecified vectors.
brak
Brak patcha
Źródła i daty
| Źródło | Wartość |
|---|---|
| NVD – CVSS | 9.8 |
| CISA KEV (aktywnie wykorzystywane) | Tak |
| FIRST EPSS (prawdopodobieństwo exploita) | 93.2% |
| Opublikowano (NVD) | 2014-02-05 05:15:29 UTC |
| Ostatnia modyfikacja (NVD) | 2026-04-21 21:11:48 UTC |
Referencje
- http://googlechromereleases.blogspot.com/2014/02/stable-channel-update.html (psirt@adobe.com) [Release Notes]
- http://helpx.adobe.com/security/products/flash-player/apsb14-04.html (psirt@adobe.com) [Broken Link, Patch, Vendor Advisory]
- http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00000.html (psirt@adobe.com) [Mailing List]
- http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00001.html (psirt@adobe.com) [Mailing List]
- http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00006.html (psirt@adobe.com) [Mailing List]
- http://rhn.redhat.com/errata/RHSA-2014-0137.html (psirt@adobe.com) [Third Party Advisory]
- http://secunia.com/advisories/56437 (psirt@adobe.com) [Broken Link, Third Party Advisory]
- http://secunia.com/advisories/56737 (psirt@adobe.com) [Broken Link, Third Party Advisory]
- http://secunia.com/advisories/56780 (psirt@adobe.com) [Broken Link, Third Party Advisory]
- http://secunia.com/advisories/56799 (psirt@adobe.com) [Broken Link, Third Party Advisory]
- http://secunia.com/advisories/56839 (psirt@adobe.com) [Broken Link, Third Party Advisory]
- http://www.exploit-db.com/exploits/33212 (psirt@adobe.com) [Third Party Advisory, VDB Entry]
- http://www.osvdb.org/102849 (psirt@adobe.com) [Broken Link]
- http://www.securityfocus.com/bid/65327 (psirt@adobe.com) [Broken Link, Third Party Advisory, VDB Entry]
- http://www.securitytracker.com/id/1029715 (psirt@adobe.com) [Broken Link, Third Party Advisory, VDB Entry]
- https://exchange.xforce.ibmcloud.com/vulnerabilities/90884 (psirt@adobe.com) [Third Party Advisory, VDB Entry]
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2014-0497 (134c704f-9b21-4f2e-91b3-4a467353bcc0) [US Government Resource]