Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-0502

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2014-0502
Last Modified 21 Jun 2014 12:38:38
Published 21 Feb 2014 12:07:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2014-0502

Summary

Double free vulnerability in Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x before 12.0.0.70 on Windows and Mac OS X and before 11.2.202.341 on Linux, Adobe AIR before 4.0.0.1628 on Android, Adobe AIR SDK before 4.0.0.1628, and Adobe AIR SDK & Compiler before 4.0.0.1628 allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in February 2014.

Vulnerable Systems

Application

  • Adobe Air 1.0

  • Adobe Air 1.0.1

  • Adobe Air 1.0.4990

  • Adobe Air 1.0.8.4990

  • Adobe Air 1.1

  • Adobe Air 1.1.0.5790

  • Adobe Air 1.5

  • Adobe Air 1.5.0.7220

  • Adobe Air 1.5.1

  • Adobe Air 1.5.1.8210

  • Adobe Air 1.5.2

  • Adobe Air 1.5.3

  • Adobe Air 1.5.3.9120

  • Adobe Air 1.5.3.9130

  • Adobe Air 2.0.2

  • Adobe Air 2.0.2.12610

  • Adobe Air 2.0.3

  • Adobe Air 2.0.3.13070

  • Adobe Air 2.0.4

  • Adobe Air 2.5.0.16600

  • Adobe Air 2.5.1.17730

  • Adobe Air 2.6

  • Adobe Air 2.6.0.19120

  • Adobe Air 2.6.0.19140

  • Adobe Air 2.7

  • Adobe Air 2.7.0.1948

  • Adobe Air 2.7.0.19480

  • Adobe Air 2.7.0.1953

  • Adobe Air 2.7.0.19530

  • Adobe Air 2.7.1

  • Adobe Air 2.7.1.19610

  • Adobe Air 3.0.0.408

  • Adobe Air 3.0.0.4080

  • Adobe Air 3.1.0.485

  • Adobe Air 3.1.0.488

  • Adobe Air 3.1.0.4880

  • Adobe Air 3.2.0.207

  • Adobe Air 3.2.0.2070

  • Adobe Air 3.3.0.3670

  • Adobe Air 3.4.0.2540

  • Adobe Air 3.4.0.2710

  • Adobe Air 3.5.0.1060

  • Adobe Air 3.5.0.600

  • Adobe Air 3.5.0.880

  • Adobe Air 3.5.0.890

  • Adobe Air 3.6.0.597

  • Adobe Air 3.6.0.6090

  • Adobe Air 3.7.0.1530

  • Adobe Air 3.7.0.1860

  • Adobe Air 3.7.0.2090

  • Adobe Air 3.8.0.870

  • Adobe Air 3.8.0.910

  • Adobe Air 3.9.0.1030

  • Adobe Air 3.9.0.1060

  • Adobe Air 3.9.0.1210

  • Adobe Air 3.9.0.1380

  • Adobe Air 4.0.0.1390

  • Adobe Air Sdk 3.0.0.4080

  • Adobe Air Sdk 3.1.0.488

  • Adobe Air Sdk 3.2.0.2070

  • Adobe Air Sdk 3.3.0.3650

  • Adobe Air Sdk 3.3.0.3690

  • Adobe Air Sdk 3.4.0.2540

  • Adobe Air Sdk 3.4.0.2710

  • Adobe Air Sdk 3.5.0.1060

  • Adobe Air Sdk 3.5.0.600

  • Adobe Air Sdk 3.5.0.880

  • Adobe Air Sdk 3.5.0.890

  • Adobe Air Sdk 3.6.0.599

  • Adobe Air Sdk 3.6.0.6090

  • Adobe Air Sdk 3.7.0.1530

  • Adobe Air Sdk 3.7.0.1860

  • Adobe Air Sdk 3.7.0.2090

  • Adobe Air Sdk 3.8.0.1430

  • Adobe Air Sdk 3.8.0.870

  • Adobe Air Sdk 3.8.0.910

  • Adobe Air Sdk 3.9.0.1030

  • Adobe Air Sdk 3.9.0.1210

  • Adobe Air Sdk 3.9.0.1380

  • Adobe Air Sdk 4.0.0.1390

  • Adobe Flash Player 11.0

  • Adobe Flash Player 11.0.1.152

  • Adobe Flash Player 11.0.1.153

  • Adobe Flash Player 11.1

  • Adobe Flash Player 11.1.102.55

  • Adobe Flash Player 11.1.102.59

  • Adobe Flash Player 11.1.102.62

  • Adobe Flash Player 11.1.102.63

  • Adobe Flash Player 11.1.111.44

  • Adobe Flash Player 11.1.111.50

  • Adobe Flash Player 11.1.111.54

  • Adobe Flash Player 11.1.111.8

  • Adobe Flash Player 11.1.115.34

  • Adobe Flash Player 11.1.115.48

  • Adobe Flash Player 11.1.115.54

  • Adobe Flash Player 11.1.115.58

  • Adobe Flash Player 11.1.115.7

  • Adobe Flash Player 11.2.202.223

  • Adobe Flash Player 11.2.202.228

  • Adobe Flash Player 11.2.202.233

  • Adobe Flash Player 11.2.202.235

  • Adobe Flash Player 11.2.202.236

  • Adobe Flash Player 11.2.202.238

  • Adobe Flash Player 11.2.202.243

  • Adobe Flash Player 11.2.202.251

  • Adobe Flash Player 11.2.202.258

  • Adobe Flash Player 11.2.202.261

  • Adobe Flash Player 11.2.202.262

  • Adobe Flash Player 11.2.202.270

  • Adobe Flash Player 11.2.202.273

  • Adobe Flash Player 11.2.202.275

  • Adobe Flash Player 11.2.202.280

  • Adobe Flash Player 11.2.202.285

  • Adobe Flash Player 11.2.202.291

  • Adobe Flash Player 11.2.202.297

  • Adobe Flash Player 11.2.202.310

  • Adobe Flash Player 11.2.202.327

  • Adobe Flash Player 11.2.202.332

  • Adobe Flash Player 11.2.202.335

  • Adobe Flash Player 11.2.202.336

  • Adobe Flash Player 11.3.300.257

  • Adobe Flash Player 11.3.300.262

  • Adobe Flash Player 11.3.300.265

  • Adobe Flash Player 11.3.300.268

  • Adobe Flash Player 11.3.300.270

  • Adobe Flash Player 11.3.300.271

  • Adobe Flash Player 11.3.300.273

  • Adobe Flash Player 11.4.402.265

  • Adobe Flash Player 11.4.402.278

  • Adobe Flash Player 11.4.402.287

  • Adobe Flash Player 11.5.502.110

  • Adobe Flash Player 11.5.502.135

  • Adobe Flash Player 11.5.502.136

  • Adobe Flash Player 11.5.502.146

  • Adobe Flash Player 11.5.502.149

  • Adobe Flash Player 11.6.602.167

  • Adobe Flash Player 11.6.602.168

  • Adobe Flash Player 11.6.602.171

  • Adobe Flash Player 11.6.602.180

  • Adobe Flash Player 11.7.700.169

  • Adobe Flash Player 11.7.700.202

  • Adobe Flash Player 11.7.700.224

  • Adobe Flash Player 11.7.700.225

  • Adobe Flash Player 11.7.700.232

  • Adobe Flash Player 11.7.700.242

  • Adobe Flash Player 11.7.700.252

  • Adobe Flash Player 11.7.700.257

  • Adobe Flash Player 11.7.700.260

  • Adobe Flash Player 11.7.700.261

  • Adobe Flash Player 11.8.800.168

  • Adobe Flash Player 11.8.800.94

  • Adobe Flash Player 11.8.800.97

  • Adobe Flash Player 11.9.900.117

  • Adobe Flash Player 11.9.900.152

  • Adobe Flash Player 11.9.900.170

  • Adobe Flash Player 12.0.0.38

  • Adobe Flash Player 12.0.0.41

  • Adobe Flash Player 12.0.0.43

  • Adobe Flash Player 12.0.0.44


References

CONFIRM - http://helpx.adobe.com/security/products/flash-player/apsb14-07.html

MISC - http://www.alienvault.com/open-threat-exchange/blog/analysis-of-an-attack-exploiting-the-adobe-zero-day-cve-2014-0502/

REDHAT - RHSA-2014:0196

SUSE - SUSE-SU-2014:0290

SUSE - openSUSE-SU-2014:0278

SUSE - openSUSE-SU-2014:0277

GENTOO - GLSA-201405-04

Related Patches

Adobe APSB14-07 Flash Player 12.0.0.70 (Internet Explorer) for Windows (Update) (All Languages) (See Note)

Adobe APSB14-07 Flash Player 12.0.0.70 (Other Browsers) for Windows (Update) (All Languages) (See Note)

Adobe APSB14-07 Flash Player 11.7.700.269 (Other Browsers) for Windows (Update) (All Languages) (See Note)

Adobe APSB14-07 Flash Player 11.7.700.269 (Internet Explorer) for Windows (Update) (All Languages) (See Note)

Adobe APSB14-07 Flash Player 11.7.700.269 for Mac OS X (Update) (See Notes)

Adobe APSB14-07 Flash Player 12.0.0.70 for Mac OS X (Update) (See Notes)


Last Updated: 27 May 2016 10:55:14