CVE-2014-0558 : Detail

CVE-2014-0558

Code Injection
A03-Injection
4.44%V3
Network
2014-10-15
08h00 +00:00
2016-12-30
15h57 +00:00
CVE.org
NVD
Notifications for a CVE
Stay informed of any changes for a specific CVE.
Notifications manage

CVE Descriptions

Adobe Flash Player before 13.0.0.250 and 14.x and 15.x before 15.0.0.189 on Windows and OS X and before 11.2.202.411 on Linux, Adobe AIR before 15.0.0.293, Adobe AIR SDK before 15.0.0.302, and Adobe AIR SDK & Compiler before 15.0.0.302 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0564.

CVE Informations

Related Weaknesses

CWE-ID Weakness Name Source
CWE-94 Improper Control of Generation of Code ('Code Injection')
The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.

Metrics

Metrics Score Severity CVSS Vector Source
V2 10 AV:N/AC:L/Au:N/C:C/I:C/A:C [email protected]

EPSS

EPSS is a scoring model that predicts the likelihood of a vulnerability being exploited.

EPSS Score

The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.

EPSS Percentile

The percentile is used to rank CVE according to their EPSS score. For example, a CVE in the 95th percentile according to its EPSS score is more likely to be exploited than 95% of other CVE. Thus, the percentile is used to compare the EPSS score of a CVE with that of other CVE.
EPSS First.org

Products Mentioned

Configuraton 0

Adobe>>Flash_player >> Version To (including) 13.0.0.244

Adobe>>Flash_player >> Version 13.0.0.182

Adobe>>Flash_player >> Version 13.0.0.201

Adobe>>Flash_player >> Version 13.0.0.206

Adobe>>Flash_player >> Version 13.0.0.214

Adobe>>Flash_player >> Version 13.0.0.223

Adobe>>Flash_player >> Version 13.0.0.231

Adobe>>Flash_player >> Version 13.0.0.241

Adobe>>Flash_player >> Version 14.0.0.125

Adobe>>Flash_player >> Version 14.0.0.145

Adobe>>Flash_player >> Version 14.0.0.176

Adobe>>Flash_player >> Version 14.0.0.179

Adobe>>Flash_player >> Version 15.0.0.144

    Adobe>>Flash_player >> Version 15.0.0.152

    Apple>>Mac_os_x >> Version *

    Microsoft>>Windows >> Version *

    Configuraton 0

    Adobe>>Adobe_air >> Version To (including) 15.0.0.252

    Adobe>>Adobe_air >> Version 13.0.0.83

    Adobe>>Adobe_air >> Version 13.0.0.111

    Adobe>>Adobe_air >> Version 14.0.0.110

    Adobe>>Adobe_air >> Version 14.0.0.137

    Adobe>>Adobe_air >> Version 14.0.0.179

      Configuraton 0

      Adobe>>Adobe_air >> Version To (including) 15.0.0.249

      Adobe>>Adobe_air >> Version 13.0.0.83

      Adobe>>Adobe_air >> Version 13.0.0.111

      Adobe>>Adobe_air >> Version 14.0.0.110

      Adobe>>Adobe_air >> Version 14.0.0.137

      Adobe>>Adobe_air >> Version 14.0.0.178

        Configuraton 0

        Adobe>>Flash_player >> Version To (including) 11.2.202.406

        Adobe>>Flash_player >> Version 11.2.202.223

        Adobe>>Flash_player >> Version 11.2.202.228

        Adobe>>Flash_player >> Version 11.2.202.233

        Adobe>>Flash_player >> Version 11.2.202.235

        Adobe>>Flash_player >> Version 11.2.202.236

        Adobe>>Flash_player >> Version 11.2.202.238

        Adobe>>Flash_player >> Version 11.2.202.243

        Adobe>>Flash_player >> Version 11.2.202.251

        Adobe>>Flash_player >> Version 11.2.202.258

        Adobe>>Flash_player >> Version 11.2.202.261

        Adobe>>Flash_player >> Version 11.2.202.262

        Adobe>>Flash_player >> Version 11.2.202.270

        Adobe>>Flash_player >> Version 11.2.202.273

        Adobe>>Flash_player >> Version 11.2.202.275

        Adobe>>Flash_player >> Version 11.2.202.280

        Adobe>>Flash_player >> Version 11.2.202.285

        Adobe>>Flash_player >> Version 11.2.202.291

        Adobe>>Flash_player >> Version 11.2.202.297

        Adobe>>Flash_player >> Version 11.2.202.310

        Adobe>>Flash_player >> Version 11.2.202.332

        Adobe>>Flash_player >> Version 11.2.202.335

        Adobe>>Flash_player >> Version 11.2.202.336

        Adobe>>Flash_player >> Version 11.2.202.341

        Adobe>>Flash_player >> Version 11.2.202.346

        Adobe>>Flash_player >> Version 11.2.202.350

        Adobe>>Flash_player >> Version 11.2.202.356

        Adobe>>Flash_player >> Version 11.2.202.359

        Adobe>>Flash_player >> Version 11.2.202.378

        Adobe>>Flash_player >> Version 11.2.202.394

        Adobe>>Flash_player >> Version 11.2.202.400

        Linux>>Linux_kernel >> Version *

        Configuraton 0

        Adobe>>Adobe_air_sdk >> Version To (including) 15.0.0.249

        Adobe>>Adobe_air_sdk >> Version 13.0.0.83

        Adobe>>Adobe_air_sdk >> Version 13.0.0.111

        Adobe>>Adobe_air_sdk >> Version 14.0.0.110

        Adobe>>Adobe_air_sdk >> Version 14.0.0.137

        Adobe>>Adobe_air_sdk >> Version 14.0.0.178

          References

          http://secunia.com/advisories/61980
          Tags : third-party-advisory, x_refsource_SECUNIA
          http://rhn.redhat.com/errata/RHSA-2014-1648.html
          Tags : vendor-advisory, x_refsource_REDHAT
          http://www.securitytracker.com/id/1031019
          Tags : vdb-entry, x_refsource_SECTRACK