CVE-2014-0509 : Detail

CVE-2014-0509

Cross-site Scripting
A03-Injection
0.26%V3
Network
2014-04-08
19h00 +00:00
2017-12-15
16h57 +00:00
CVE.org
NVD
Notifications for a CVE
Stay informed of any changes for a specific CVE.
Notifications manage

CVE Descriptions

Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 11.7.700.275 and 11.8.x through 13.0.x before 13.0.0.182 on Windows and OS X and before 11.2.202.350 on Linux, Adobe AIR before 13.0.0.83 on Android, Adobe AIR SDK before 13.0.0.83, and Adobe AIR SDK & Compiler before 13.0.0.83 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVE Informations

Related Weaknesses

CWE-ID Weakness Name Source
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

Metrics

Metrics Score Severity CVSS Vector Source
V2 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N [email protected]

EPSS

EPSS is a scoring model that predicts the likelihood of a vulnerability being exploited.

EPSS Score

The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.

EPSS Percentile

The percentile is used to rank CVE according to their EPSS score. For example, a CVE in the 95th percentile according to its EPSS score is more likely to be exploited than 95% of other CVE. Thus, the percentile is used to compare the EPSS score of a CVE with that of other CVE.
EPSS First.org

Products Mentioned

Configuraton 0

Adobe>>Flash_player >> Version 11.0

Adobe>>Flash_player >> Version 11.0.1.152

Adobe>>Flash_player >> Version 11.0.1.153

Adobe>>Flash_player >> Version 11.1

Adobe>>Flash_player >> Version 11.1.102.55

Adobe>>Flash_player >> Version 11.1.102.59

Adobe>>Flash_player >> Version 11.1.102.62

Adobe>>Flash_player >> Version 11.1.102.63

Adobe>>Flash_player >> Version 11.1.111.8

Adobe>>Flash_player >> Version 11.1.111.44

Adobe>>Flash_player >> Version 11.1.111.50

Adobe>>Flash_player >> Version 11.1.111.54

Adobe>>Flash_player >> Version 11.1.115.7

Adobe>>Flash_player >> Version 11.1.115.34

Adobe>>Flash_player >> Version 11.1.115.48

Adobe>>Flash_player >> Version 11.1.115.54

Adobe>>Flash_player >> Version 11.1.115.58

Adobe>>Flash_player >> Version 11.2.202.223

Adobe>>Flash_player >> Version 11.2.202.228

Adobe>>Flash_player >> Version 11.2.202.233

Adobe>>Flash_player >> Version 11.2.202.235

Adobe>>Flash_player >> Version 11.2.202.236

Adobe>>Flash_player >> Version 11.2.202.238

Adobe>>Flash_player >> Version 11.2.202.243

Adobe>>Flash_player >> Version 11.2.202.251

Adobe>>Flash_player >> Version 11.2.202.258

Adobe>>Flash_player >> Version 11.2.202.261

Adobe>>Flash_player >> Version 11.2.202.262

Adobe>>Flash_player >> Version 11.2.202.270

Adobe>>Flash_player >> Version 11.2.202.273

Adobe>>Flash_player >> Version 11.2.202.275

Adobe>>Flash_player >> Version 11.2.202.280

Adobe>>Flash_player >> Version 11.2.202.285

Adobe>>Flash_player >> Version 11.3.300.257

Adobe>>Flash_player >> Version 11.3.300.262

Adobe>>Flash_player >> Version 11.3.300.265

Adobe>>Flash_player >> Version 11.3.300.268

Adobe>>Flash_player >> Version 11.3.300.270

Adobe>>Flash_player >> Version 11.3.300.271

Adobe>>Flash_player >> Version 11.3.300.273

Adobe>>Flash_player >> Version 11.4.402.265

Adobe>>Flash_player >> Version 11.4.402.278

Adobe>>Flash_player >> Version 11.4.402.287

Adobe>>Flash_player >> Version 11.5.502.110

Adobe>>Flash_player >> Version 11.5.502.135

Adobe>>Flash_player >> Version 11.5.502.136

Adobe>>Flash_player >> Version 11.5.502.146

Adobe>>Flash_player >> Version 11.5.502.149

Adobe>>Flash_player >> Version 11.6.602.167

Adobe>>Flash_player >> Version 11.6.602.168

Adobe>>Flash_player >> Version 11.6.602.171

Adobe>>Flash_player >> Version 11.6.602.180

Adobe>>Flash_player >> Version 11.7.700.169

Adobe>>Flash_player >> Version 11.7.700.202

Adobe>>Flash_player >> Version 11.7.700.224

Adobe>>Flash_player >> Version 11.7.700.232

Adobe>>Flash_player >> Version 11.7.700.242

Adobe>>Flash_player >> Version 11.7.700.252

Adobe>>Flash_player >> Version 11.7.700.257

Adobe>>Flash_player >> Version 11.7.700.260

Adobe>>Flash_player >> Version 11.8.800.94

Adobe>>Flash_player >> Version 11.8.800.97

Adobe>>Flash_player >> Version 11.8.800.168

Adobe>>Flash_player >> Version 11.9.900.117

Adobe>>Flash_player >> Version 11.9.900.152

Adobe>>Flash_player >> Version 11.9.900.170

Adobe>>Flash_player >> Version 12.0.0.38

Adobe>>Flash_player >> Version 12.0.0.41

Adobe>>Flash_player >> Version 12.0.0.43

Apple>>Mac_os_x >> Version *

Microsoft>>Windows >> Version *

Configuraton 0

Adobe>>Adobe_air >> Version To (including) 4.0.0.1390

Adobe>>Adobe_air >> Version 1.0

Adobe>>Adobe_air >> Version 1.0.1

Adobe>>Adobe_air >> Version 1.0.8.4990

Adobe>>Adobe_air >> Version 1.0.4990

Adobe>>Adobe_air >> Version 1.1

Adobe>>Adobe_air >> Version 1.1.0.5790

Adobe>>Adobe_air >> Version 1.5

Adobe>>Adobe_air >> Version 1.5.0.7220

Adobe>>Adobe_air >> Version 1.5.1

Adobe>>Adobe_air >> Version 1.5.1.8210

Adobe>>Adobe_air >> Version 1.5.2

Adobe>>Adobe_air >> Version 1.5.3

Adobe>>Adobe_air >> Version 1.5.3.9120

Adobe>>Adobe_air >> Version 1.5.3.9130

Adobe>>Adobe_air >> Version 2.0.2

Adobe>>Adobe_air >> Version 2.0.2.12610

Adobe>>Adobe_air >> Version 2.0.3

Adobe>>Adobe_air >> Version 2.0.3.13070

Adobe>>Adobe_air >> Version 2.0.4

Adobe>>Adobe_air >> Version 2.5.0.16600

Adobe>>Adobe_air >> Version 2.5.1.17730

Adobe>>Adobe_air >> Version 2.6

Adobe>>Adobe_air >> Version 2.6.0.19120

Adobe>>Adobe_air >> Version 2.6.0.19140

Adobe>>Adobe_air >> Version 2.7

Adobe>>Adobe_air >> Version 2.7.0.1948

Adobe>>Adobe_air >> Version 2.7.0.1953

Adobe>>Adobe_air >> Version 2.7.0.19480

Adobe>>Adobe_air >> Version 2.7.0.19530

Adobe>>Adobe_air >> Version 2.7.1

Adobe>>Adobe_air >> Version 2.7.1.19610

Adobe>>Adobe_air >> Version 3.0.0.408

Adobe>>Adobe_air >> Version 3.0.0.4080

Adobe>>Adobe_air >> Version 3.1.0.485

Adobe>>Adobe_air >> Version 3.1.0.488

Adobe>>Adobe_air >> Version 3.1.0.4880

Adobe>>Adobe_air >> Version 3.2.0.207

Adobe>>Adobe_air >> Version 3.2.0.2070

Adobe>>Adobe_air >> Version 3.3.0.3670

Adobe>>Adobe_air >> Version 3.4.0.2540

Adobe>>Adobe_air >> Version 3.4.0.2710

Adobe>>Adobe_air >> Version 3.5.0.600

Adobe>>Adobe_air >> Version 3.5.0.880

Adobe>>Adobe_air >> Version 3.5.0.890

Adobe>>Adobe_air >> Version 3.5.0.1060

Adobe>>Adobe_air >> Version 3.6.0.597

Adobe>>Adobe_air >> Version 3.6.0.6090

Adobe>>Adobe_air >> Version 3.7.0.1530

Adobe>>Adobe_air >> Version 3.7.0.1860

Adobe>>Adobe_air >> Version 3.7.0.2090

Adobe>>Adobe_air >> Version 3.8.0.870

Adobe>>Adobe_air >> Version 3.8.0.910

Adobe>>Adobe_air >> Version 3.9.0.1030

Adobe>>Adobe_air >> Version 3.9.0.1060

Adobe>>Adobe_air >> Version 3.9.0.1210

Adobe>>Adobe_air >> Version 3.9.0.1380

Configuraton 0

Adobe>>Flash_player >> Version To (including) 11.2.202.346

Adobe>>Flash_player >> Version 11.0

Adobe>>Flash_player >> Version 11.0.1.152

Adobe>>Flash_player >> Version 11.0.1.153

Adobe>>Flash_player >> Version 11.1

Adobe>>Flash_player >> Version 11.1.102.55

Adobe>>Flash_player >> Version 11.1.102.59

Adobe>>Flash_player >> Version 11.1.102.62

Adobe>>Flash_player >> Version 11.1.102.63

Adobe>>Flash_player >> Version 11.1.111.8

Adobe>>Flash_player >> Version 11.1.111.44

Adobe>>Flash_player >> Version 11.1.111.50

Adobe>>Flash_player >> Version 11.1.111.54

Adobe>>Flash_player >> Version 11.1.115.7

Adobe>>Flash_player >> Version 11.1.115.34

Adobe>>Flash_player >> Version 11.1.115.48

Adobe>>Flash_player >> Version 11.1.115.54

Adobe>>Flash_player >> Version 11.1.115.58

Adobe>>Flash_player >> Version 11.2.202.223

Adobe>>Flash_player >> Version 11.2.202.228

Adobe>>Flash_player >> Version 11.2.202.233

Adobe>>Flash_player >> Version 11.2.202.235

Adobe>>Flash_player >> Version 11.2.202.236

Adobe>>Flash_player >> Version 11.2.202.238

Adobe>>Flash_player >> Version 11.2.202.243

Adobe>>Flash_player >> Version 11.2.202.251

Adobe>>Flash_player >> Version 11.2.202.258

Adobe>>Flash_player >> Version 11.2.202.261

Adobe>>Flash_player >> Version 11.2.202.262

Adobe>>Flash_player >> Version 11.2.202.270

Adobe>>Flash_player >> Version 11.2.202.273

Adobe>>Flash_player >> Version 11.2.202.275

Adobe>>Flash_player >> Version 11.2.202.280

Adobe>>Flash_player >> Version 11.2.202.285

Adobe>>Flash_player >> Version 11.2.202.291

Adobe>>Flash_player >> Version 11.2.202.297

Adobe>>Flash_player >> Version 11.2.202.310

Adobe>>Flash_player >> Version 11.2.202.327

Adobe>>Flash_player >> Version 11.2.202.332

Adobe>>Flash_player >> Version 11.2.202.335

Adobe>>Flash_player >> Version 11.2.202.336

Adobe>>Flash_player >> Version 11.2.202.341

Linux>>Linux_kernel >> Version *

Configuraton 0

Adobe>>Adobe_air_sdk >> Version To (including) 4.0.0.1628

Adobe>>Adobe_air_sdk >> Version 3.0.0.4080

Adobe>>Adobe_air_sdk >> Version 3.1.0.488

Adobe>>Adobe_air_sdk >> Version 3.2.0.2070

Adobe>>Adobe_air_sdk >> Version 3.3.0.3650

Adobe>>Adobe_air_sdk >> Version 3.3.0.3690

Adobe>>Adobe_air_sdk >> Version 3.4.0.2540

Adobe>>Adobe_air_sdk >> Version 3.4.0.2710

Adobe>>Adobe_air_sdk >> Version 3.5.0.600

Adobe>>Adobe_air_sdk >> Version 3.5.0.880

Adobe>>Adobe_air_sdk >> Version 3.5.0.890

Adobe>>Adobe_air_sdk >> Version 3.5.0.1060

Adobe>>Adobe_air_sdk >> Version 3.6.0.599

Adobe>>Adobe_air_sdk >> Version 3.6.0.6090

Adobe>>Adobe_air_sdk >> Version 3.7.0.1530

Adobe>>Adobe_air_sdk >> Version 3.7.0.1860

Adobe>>Adobe_air_sdk >> Version 3.7.0.2090

Adobe>>Adobe_air_sdk >> Version 3.8.0.870

Adobe>>Adobe_air_sdk >> Version 3.8.0.910

Adobe>>Adobe_air_sdk >> Version 3.8.0.1430

Adobe>>Adobe_air_sdk >> Version 3.9.0.1030

Adobe>>Adobe_air_sdk >> Version 3.9.0.1210

Adobe>>Adobe_air_sdk >> Version 3.9.0.1380

Adobe>>Adobe_air_sdk >> Version 4.0.0.1390

References

http://www.securityfocus.com/bid/66703
Tags : vdb-entry, x_refsource_BID
http://security.gentoo.org/glsa/glsa-201405-04.xml
Tags : vendor-advisory, x_refsource_GENTOO
http://rhn.redhat.com/errata/RHSA-2014-0380.html
Tags : vendor-advisory, x_refsource_REDHAT
http://www.securitytracker.com/id/1030035
Tags : vdb-entry, x_refsource_SECTRACK