FKIE_CVE-2014-0533

Vulnerability from fkie_nvd - Published: 2014-06-11 10:57 - Updated: 2025-04-12 10:46
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows and OS X and before 11.2.202.378 on Linux, Adobe AIR before 14.0.0.110, Adobe AIR SDK before 14.0.0.110, and Adobe AIR SDK & Compiler before 14.0.0.110 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2014-0531 and CVE-2014-0532.
References
psirt@adobe.comhttp://helpx.adobe.com/security/products/flash-player/apsb14-16.htmlPatch, Vendor Advisory
psirt@adobe.comhttp://lists.opensuse.org/opensuse-security-announce/2014-06/msg00021.html
psirt@adobe.comhttp://lists.opensuse.org/opensuse-updates/2014-06/msg00029.html
psirt@adobe.comhttp://lists.opensuse.org/opensuse-updates/2014-06/msg00030.html
psirt@adobe.comhttp://rhn.redhat.com/errata/RHSA-2014-0745.html
psirt@adobe.comhttp://secunia.com/advisories/58390
psirt@adobe.comhttp://secunia.com/advisories/58465
psirt@adobe.comhttp://secunia.com/advisories/58585
psirt@adobe.comhttp://secunia.com/advisories/59053
psirt@adobe.comhttp://secunia.com/advisories/59304
psirt@adobe.comhttp://security.gentoo.org/glsa/glsa-201406-17.xml
psirt@adobe.comhttp://www.securityfocus.com/bid/67974
psirt@adobe.comhttp://www.securitytracker.com/id/1030368
af854a3a-2127-422b-91ae-364da2661108http://helpx.adobe.com/security/products/flash-player/apsb14-16.htmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00021.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-updates/2014-06/msg00029.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-updates/2014-06/msg00030.html
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2014-0745.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/58390
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/58465
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/58585
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/59053
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/59304
af854a3a-2127-422b-91ae-364da2661108http://security.gentoo.org/glsa/glsa-201406-17.xml
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/67974
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1030368
Impacted products
Vendor Product Version
adobe flash_player *
adobe flash_player 13.0.0.182
adobe flash_player 13.0.0.201
adobe flash_player 13.0.0.206
apple mac_os_x *
microsoft windows *
adobe adobe_air_sdk *
adobe adobe_air_sdk 13.0.0.83
adobe flash_player *
adobe flash_player 11.2.202.223
adobe flash_player 11.2.202.228
adobe flash_player 11.2.202.233
adobe flash_player 11.2.202.235
adobe flash_player 11.2.202.236
adobe flash_player 11.2.202.238
adobe flash_player 11.2.202.243
adobe flash_player 11.2.202.251
adobe flash_player 11.2.202.258
adobe flash_player 11.2.202.261
adobe flash_player 11.2.202.262
adobe flash_player 11.2.202.270
adobe flash_player 11.2.202.273
adobe flash_player 11.2.202.275
adobe flash_player 11.2.202.280
adobe flash_player 11.2.202.285
adobe flash_player 11.2.202.291
adobe flash_player 11.2.202.297
adobe flash_player 11.2.202.310
adobe flash_player 11.2.202.332
adobe flash_player 11.2.202.335
adobe flash_player 11.2.202.336
adobe flash_player 11.2.202.341
adobe flash_player 11.2.202.346
adobe flash_player 11.2.202.350
adobe flash_player 11.2.202.356
linux linux_kernel *
adobe adobe_air *
adobe adobe_air 13.0.0.83
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B74D363-BAAF-4F5D-B6F5-6C0709BBA028",
              "versionEndIncluding": "13.0.0.214",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:13.0.0.182:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3DD6547-ABEE-4734-87AA-BD3E247226B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:13.0.0.201:*:*:*:*:*:*:*",
              "matchCriteriaId": "0732FFB7-4BFD-499D-A166-9128F3DABA0B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:13.0.0.206:*:*:*:*:*:*:*",
              "matchCriteriaId": "C282F91D-C1FE-4CC7-A33D-8E43F85DF168",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:adobe:adobe_air_sdk:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8ADD247-FEE4-4FD6-855B-6BEFBB26C28F",
              "versionEndIncluding": "13.0.0.111",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:adobe_air_sdk:13.0.0.83:*:*:*:*:*:*:*",
              "matchCriteriaId": "B005E5AC-DD7D-413E-92A2-4E8D7F3F2D7A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "18823BA9-2C8D-4E91-9CD8-FEAAA213C4DD",
              "versionEndIncluding": "11.2.202.359",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:11.2.202.223:*:*:*:*:*:*:*",
              "matchCriteriaId": "146E1EAC-B9AF-4511-A0DC-A048428E3B68",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:11.2.202.228:*:*:*:*:*:*:*",
              "matchCriteriaId": "5AFBB9EA-1A66-4FBC-BF89-7DF04FDD6788",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:11.2.202.233:*:*:*:*:*:*:*",
              "matchCriteriaId": "39065E60-3680-4384-95C0-EF4F874D2400",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:11.2.202.235:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B0603B3-5C98-422D-A49D-EBE1798DAE69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:11.2.202.236:*:*:*:*:*:*:*",
              "matchCriteriaId": "5AC7882D-1577-4CEA-B1C0-0FEBC91A441A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:11.2.202.238:*:*:*:*:*:*:*",
              "matchCriteriaId": "CED86796-B721-49B1-A021-82FA769FA024",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:11.2.202.243:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF7843C6-628A-4091-8A09-6E126A89870E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:11.2.202.251:*:*:*:*:*:*:*",
              "matchCriteriaId": "472F569C-0FD5-4F61-A4D6-258A8A9C4008",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:11.2.202.258:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E91A468-191C-4A2D-B1B6-0DDE8BB1C1D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:11.2.202.261:*:*:*:*:*:*:*",
              "matchCriteriaId": "47F94E94-C190-4559-8FF6-FEEE6634B67B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:11.2.202.262:*:*:*:*:*:*:*",
              "matchCriteriaId": "7CC3FDE1-44FD-4BC3-BB43-C44C94D3F794",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:11.2.202.270:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE46E137-5298-44FA-B40C-6079C9AEE60F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:11.2.202.273:*:*:*:*:*:*:*",
              "matchCriteriaId": "D14EAFB3-3718-466F-8EB2-61D00D569251",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:11.2.202.275:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD3390A0-8EB6-424E-96AC-B87E22D6FF6E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:11.2.202.280:*:*:*:*:*:*:*",
              "matchCriteriaId": "CCD935A5-D923-48CC-9699-977C5123D52C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:11.2.202.285:*:*:*:*:*:*:*",
              "matchCriteriaId": "5AABFF8D-2C2A-4B8B-9DE2-C74EECEDD86F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:11.2.202.291:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD0EF3E4-C91F-4AD4-91E7-A10DC66DE4A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:11.2.202.297:*:*:*:*:*:*:*",
              "matchCriteriaId": "3DDB9C24-953C-4268-8C4A-E7C0F021698E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:11.2.202.310:*:*:*:*:*:*:*",
              "matchCriteriaId": "E8474A98-24F4-43E5-9402-319F68A9880B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:11.2.202.332:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CD7F4E8-742E-4264-84EE-22D9E3CB3C76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:11.2.202.335:*:*:*:*:*:*:*",
              "matchCriteriaId": "97DBA814-D400-440C-BEEA-AB1913F783C1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:11.2.202.336:*:*:*:*:*:*:*",
              "matchCriteriaId": "9CDA6379-D70E-476C-82C5-C916C13CA081",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:11.2.202.341:*:*:*:*:*:*:*",
              "matchCriteriaId": "515589AD-8CC1-46CE-9F9A-BAAD725E2C8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:11.2.202.346:*:*:*:*:*:*:*",
              "matchCriteriaId": "308488AB-3D95-4231-8201-BF4EE5C9C151",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:11.2.202.350:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDB40406-277E-4BF5-ADCF-BE16B1CF390B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:11.2.202.356:*:*:*:*:*:*:*",
              "matchCriteriaId": "33165339-9DCC-46B2-B22F-CF31D26175D7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "155AD4FB-E527-4103-BCEF-801B653DEA37",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:adobe:adobe_air:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "28E7C8BF-88F7-49CC-A7F5-4CC47B98BDF9",
              "versionEndIncluding": "13.0.0.111",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:adobe_air:13.0.0.83:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C898203-9D6E-4430-8905-C28180F954E1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows and OS X and before 11.2.202.378 on Linux, Adobe AIR before 14.0.0.110, Adobe AIR SDK before 14.0.0.110, and Adobe AIR SDK \u0026 Compiler before 14.0.0.110 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2014-0531 and CVE-2014-0532."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de XSS en Adobe Flash Player anterior a 13.0.0.223 y 14.x anterior a 14.0.0.125 en Windows y OS X y anterior a 11.2.202.378 en Linux, Adobe AIR anterior a 14.0.0.110, Adobe AIR SDK anterior a 14.0.0.110 y Adobe AIR SDK \u0026 Compiler anterior a 14.0.0.110 permiten a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2014-0531 y CVE-2014-0532."
    }
  ],
  "id": "CVE-2014-0533",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2014-06-11T10:57:17.393",
  "references": [
    {
      "source": "psirt@adobe.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://helpx.adobe.com/security/products/flash-player/apsb14-16.html"
    },
    {
      "source": "psirt@adobe.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00021.html"
    },
    {
      "source": "psirt@adobe.com",
      "url": "http://lists.opensuse.org/opensuse-updates/2014-06/msg00029.html"
    },
    {
      "source": "psirt@adobe.com",
      "url": "http://lists.opensuse.org/opensuse-updates/2014-06/msg00030.html"
    },
    {
      "source": "psirt@adobe.com",
      "url": "http://rhn.redhat.com/errata/RHSA-2014-0745.html"
    },
    {
      "source": "psirt@adobe.com",
      "url": "http://secunia.com/advisories/58390"
    },
    {
      "source": "psirt@adobe.com",
      "url": "http://secunia.com/advisories/58465"
    },
    {
      "source": "psirt@adobe.com",
      "url": "http://secunia.com/advisories/58585"
    },
    {
      "source": "psirt@adobe.com",
      "url": "http://secunia.com/advisories/59053"
    },
    {
      "source": "psirt@adobe.com",
      "url": "http://secunia.com/advisories/59304"
    },
    {
      "source": "psirt@adobe.com",
      "url": "http://security.gentoo.org/glsa/glsa-201406-17.xml"
    },
    {
      "source": "psirt@adobe.com",
      "url": "http://www.securityfocus.com/bid/67974"
    },
    {
      "source": "psirt@adobe.com",
      "url": "http://www.securitytracker.com/id/1030368"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://helpx.adobe.com/security/products/flash-player/apsb14-16.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00021.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-updates/2014-06/msg00029.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-updates/2014-06/msg00030.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://rhn.redhat.com/errata/RHSA-2014-0745.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/58390"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/58465"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/58585"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/59053"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/59304"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.gentoo.org/glsa/glsa-201406-17.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/67974"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1030368"
    }
  ],
  "sourceIdentifier": "psirt@adobe.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.