CVE-2014-0558 : Détail

CVE-2014-0558

Code Injection
A03-Injection
4.44%V3
Network
2014-10-15
08h00 +00:00
2016-12-30
15h57 +00:00
CVE.org
NVD
Notifications pour un CVE
Restez informé de toutes modifications pour un CVE spécifique.
Gestion des notifications

Descriptions du CVE

Adobe Flash Player before 13.0.0.250 and 14.x and 15.x before 15.0.0.189 on Windows and OS X and before 11.2.202.411 on Linux, Adobe AIR before 15.0.0.293, Adobe AIR SDK before 15.0.0.302, and Adobe AIR SDK & Compiler before 15.0.0.302 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0564.

Informations du CVE

Faiblesses connexes

CWE-ID Nom de la faiblesse Source
CWE-94 Improper Control of Generation of Code ('Code Injection')
The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.

Métriques

Métriques Score Gravité CVSS Vecteur Source
V2 10 AV:N/AC:L/Au:N/C:C/I:C/A:C [email protected]

EPSS

EPSS est un modèle de notation qui prédit la probabilité qu'une vulnérabilité soit exploitée.

Score EPSS

Le modèle EPSS produit un score de probabilité compris entre 0 et 1 (0 et 100 %). Plus la note est élevée, plus la probabilité qu'une vulnérabilité soit exploitée est grande.

Percentile EPSS

Le percentile est utilisé pour classer les CVE en fonction de leur score EPSS. Par exemple, une CVE dans le 95e percentile selon son score EPSS est plus susceptible d'être exploitée que 95 % des autres CVE. Ainsi, le percentile sert à comparer le score EPSS d'une CVE par rapport à d'autres CVE.
EPSS First.org

Products Mentioned

Configuraton 0

Adobe>>Flash_player >> Version To (including) 13.0.0.244

Adobe>>Flash_player >> Version 13.0.0.182

Adobe>>Flash_player >> Version 13.0.0.201

Adobe>>Flash_player >> Version 13.0.0.206

Adobe>>Flash_player >> Version 13.0.0.214

Adobe>>Flash_player >> Version 13.0.0.223

Adobe>>Flash_player >> Version 13.0.0.231

Adobe>>Flash_player >> Version 13.0.0.241

Adobe>>Flash_player >> Version 14.0.0.125

Adobe>>Flash_player >> Version 14.0.0.145

Adobe>>Flash_player >> Version 14.0.0.176

Adobe>>Flash_player >> Version 14.0.0.179

Adobe>>Flash_player >> Version 15.0.0.144

    Adobe>>Flash_player >> Version 15.0.0.152

    Apple>>Mac_os_x >> Version *

    Microsoft>>Windows >> Version *

    Configuraton 0

    Adobe>>Adobe_air >> Version To (including) 15.0.0.252

    Adobe>>Adobe_air >> Version 13.0.0.83

    Adobe>>Adobe_air >> Version 13.0.0.111

    Adobe>>Adobe_air >> Version 14.0.0.110

    Adobe>>Adobe_air >> Version 14.0.0.137

    Adobe>>Adobe_air >> Version 14.0.0.179

      Configuraton 0

      Adobe>>Adobe_air >> Version To (including) 15.0.0.249

      Adobe>>Adobe_air >> Version 13.0.0.83

      Adobe>>Adobe_air >> Version 13.0.0.111

      Adobe>>Adobe_air >> Version 14.0.0.110

      Adobe>>Adobe_air >> Version 14.0.0.137

      Adobe>>Adobe_air >> Version 14.0.0.178

        Configuraton 0

        Adobe>>Flash_player >> Version To (including) 11.2.202.406

        Adobe>>Flash_player >> Version 11.2.202.223

        Adobe>>Flash_player >> Version 11.2.202.228

        Adobe>>Flash_player >> Version 11.2.202.233

        Adobe>>Flash_player >> Version 11.2.202.235

        Adobe>>Flash_player >> Version 11.2.202.236

        Adobe>>Flash_player >> Version 11.2.202.238

        Adobe>>Flash_player >> Version 11.2.202.243

        Adobe>>Flash_player >> Version 11.2.202.251

        Adobe>>Flash_player >> Version 11.2.202.258

        Adobe>>Flash_player >> Version 11.2.202.261

        Adobe>>Flash_player >> Version 11.2.202.262

        Adobe>>Flash_player >> Version 11.2.202.270

        Adobe>>Flash_player >> Version 11.2.202.273

        Adobe>>Flash_player >> Version 11.2.202.275

        Adobe>>Flash_player >> Version 11.2.202.280

        Adobe>>Flash_player >> Version 11.2.202.285

        Adobe>>Flash_player >> Version 11.2.202.291

        Adobe>>Flash_player >> Version 11.2.202.297

        Adobe>>Flash_player >> Version 11.2.202.310

        Adobe>>Flash_player >> Version 11.2.202.332

        Adobe>>Flash_player >> Version 11.2.202.335

        Adobe>>Flash_player >> Version 11.2.202.336

        Adobe>>Flash_player >> Version 11.2.202.341

        Adobe>>Flash_player >> Version 11.2.202.346

        Adobe>>Flash_player >> Version 11.2.202.350

        Adobe>>Flash_player >> Version 11.2.202.356

        Adobe>>Flash_player >> Version 11.2.202.359

        Adobe>>Flash_player >> Version 11.2.202.378

        Adobe>>Flash_player >> Version 11.2.202.394

        Adobe>>Flash_player >> Version 11.2.202.400

        Linux>>Linux_kernel >> Version *

        Configuraton 0

        Adobe>>Adobe_air_sdk >> Version To (including) 15.0.0.249

        Adobe>>Adobe_air_sdk >> Version 13.0.0.83

        Adobe>>Adobe_air_sdk >> Version 13.0.0.111

        Adobe>>Adobe_air_sdk >> Version 14.0.0.110

        Adobe>>Adobe_air_sdk >> Version 14.0.0.137

        Adobe>>Adobe_air_sdk >> Version 14.0.0.178

          Références

          http://secunia.com/advisories/61980
          Tags : third-party-advisory, x_refsource_SECUNIA
          http://rhn.redhat.com/errata/RHSA-2014-1648.html
          Tags : vendor-advisory, x_refsource_REDHAT
          http://www.securitytracker.com/id/1031019
          Tags : vdb-entry, x_refsource_SECTRACK