FKIE_CVE-2014-0542

Vulnerability from fkie_nvd - Published: 2014-08-12 22:55 - Updated: 2025-04-12 10:46
Severity ?
Summary
Adobe Flash Player before 13.0.0.241 and 14.x before 14.0.0.176 on Windows and OS X and before 11.2.202.400 on Linux, Adobe AIR before 14.0.0.178 on Windows and OS X and before 14.0.0.179 on Android, Adobe AIR SDK before 14.0.0.178, and Adobe AIR SDK & Compiler before 14.0.0.178 do not properly restrict discovery of memory addresses, which allows attackers to bypass the ASLR protection mechanism via unspecified vectors, a different vulnerability than CVE-2014-0540, CVE-2014-0543, CVE-2014-0544, and CVE-2014-0545.
References
psirt@adobe.comhttp://helpx.adobe.com/security/products/flash-player/apsb14-18.htmlVendor Advisory
psirt@adobe.comhttp://secunia.com/advisories/60710
psirt@adobe.comhttp://secunia.com/advisories/60732
psirt@adobe.comhttp://security.gentoo.org/glsa/glsa-201408-05.xml
psirt@adobe.comhttp://www.securitytracker.com/id/1030712
af854a3a-2127-422b-91ae-364da2661108http://helpx.adobe.com/security/products/flash-player/apsb14-18.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/60710
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/60732
af854a3a-2127-422b-91ae-364da2661108http://security.gentoo.org/glsa/glsa-201408-05.xml
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1030712
Impacted products
Vendor Product Version
adobe adobe_air *
adobe adobe_air 13.0.0.83
adobe adobe_air 13.0.0.111
adobe adobe_air 14.0.0.110
google android *
adobe flash_player *
adobe flash_player 13.0.0.182
adobe flash_player 13.0.0.201
adobe flash_player 13.0.0.206
adobe flash_player 13.0.0.214
adobe flash_player 13.0.0.223
adobe flash_player 14.0.0.125
adobe flash_player 14.0.0.145
apple mac_os_x *
microsoft windows *
adobe adobe_air_sdk *
adobe adobe_air_sdk 13.0.0.83
adobe adobe_air_sdk 13.0.0.111
adobe adobe_air_sdk 14.0.0.110
adobe adobe_air *
adobe adobe_air 13.0.0.83
adobe adobe_air 13.0.0.111
apple mac_os_x *
microsoft windows *
adobe flash_player *
adobe flash_player 11.2.202.223
adobe flash_player 11.2.202.228
adobe flash_player 11.2.202.233
adobe flash_player 11.2.202.235
adobe flash_player 11.2.202.236
adobe flash_player 11.2.202.238
adobe flash_player 11.2.202.243
adobe flash_player 11.2.202.251
adobe flash_player 11.2.202.258
adobe flash_player 11.2.202.261
adobe flash_player 11.2.202.262
adobe flash_player 11.2.202.270
adobe flash_player 11.2.202.273
adobe flash_player 11.2.202.275
adobe flash_player 11.2.202.280
adobe flash_player 11.2.202.285
adobe flash_player 11.2.202.291
adobe flash_player 11.2.202.297
adobe flash_player 11.2.202.310
adobe flash_player 11.2.202.332
adobe flash_player 11.2.202.335
adobe flash_player 11.2.202.336
adobe flash_player 11.2.202.341
adobe flash_player 11.2.202.346
adobe flash_player 11.2.202.350
adobe flash_player 11.2.202.356
adobe flash_player 11.2.202.359
adobe flash_player 11.2.202.378
linux linux_kernel *
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:adobe:adobe_air:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "83D55436-5B93-4285-865A-7CDEBAB23CEA",
              "versionEndIncluding": "14.0.0.137",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:adobe_air:13.0.0.83:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C898203-9D6E-4430-8905-C28180F954E1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:adobe_air:13.0.0.111:*:*:*:*:*:*:*",
              "matchCriteriaId": "434B6846-3ED5-4F23-88D1-567668EE8E94",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:adobe_air:14.0.0.110:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB252359-318A-4054-8CEA-D08AB7500100",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8255F035-04C8-4158-B301-82101711939C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFE450E1-FE4E-4BDD-BD7D-5844AFC0C676",
              "versionEndIncluding": "13.0.0.231",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:13.0.0.182:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3DD6547-ABEE-4734-87AA-BD3E247226B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:13.0.0.201:*:*:*:*:*:*:*",
              "matchCriteriaId": "0732FFB7-4BFD-499D-A166-9128F3DABA0B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:13.0.0.206:*:*:*:*:*:*:*",
              "matchCriteriaId": "C282F91D-C1FE-4CC7-A33D-8E43F85DF168",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:13.0.0.214:*:*:*:*:*:*:*",
              "matchCriteriaId": "11E8C1F3-83AA-468B-8F5A-285F3BD19CC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:13.0.0.223:*:*:*:*:*:*:*",
              "matchCriteriaId": "59F08016-055D-4B70-8085-9C657481BA9C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:14.0.0.125:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5D7202D-56DF-400B-9F09-E7D9938222D3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:14.0.0.145:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D4F0D21-A64B-46C1-9591-96529661DF0B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:adobe:adobe_air_sdk:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EADFC4AC-861F-4F47-AF20-18EED3866C41",
              "versionEndIncluding": "14.0.0.137",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:adobe_air_sdk:13.0.0.83:*:*:*:*:*:*:*",
              "matchCriteriaId": "B005E5AC-DD7D-413E-92A2-4E8D7F3F2D7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:adobe_air_sdk:13.0.0.111:*:*:*:*:*:*:*",
              "matchCriteriaId": "F228403E-68B3-4B18-B120-066346D80891",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:adobe_air_sdk:14.0.0.110:*:*:*:*:*:*:*",
              "matchCriteriaId": "73E1378C-8C12-4728-BC84-2836691C2B11",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:adobe:adobe_air:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1601647A-06A7-4D82-9BF0-5DCAAC5A2114",
              "versionEndIncluding": "14.0.0.110",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:adobe_air:13.0.0.83:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C898203-9D6E-4430-8905-C28180F954E1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:adobe_air:13.0.0.111:*:*:*:*:*:*:*",
              "matchCriteriaId": "434B6846-3ED5-4F23-88D1-567668EE8E94",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7374A426-E2EB-49A2-8E4E-DE4DA0C4EC9F",
              "versionEndIncluding": "11.2.202.394",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:11.2.202.223:*:*:*:*:*:*:*",
              "matchCriteriaId": "146E1EAC-B9AF-4511-A0DC-A048428E3B68",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:11.2.202.228:*:*:*:*:*:*:*",
              "matchCriteriaId": "5AFBB9EA-1A66-4FBC-BF89-7DF04FDD6788",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:11.2.202.233:*:*:*:*:*:*:*",
              "matchCriteriaId": "39065E60-3680-4384-95C0-EF4F874D2400",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:11.2.202.235:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B0603B3-5C98-422D-A49D-EBE1798DAE69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:11.2.202.236:*:*:*:*:*:*:*",
              "matchCriteriaId": "5AC7882D-1577-4CEA-B1C0-0FEBC91A441A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:11.2.202.238:*:*:*:*:*:*:*",
              "matchCriteriaId": "CED86796-B721-49B1-A021-82FA769FA024",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:11.2.202.243:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF7843C6-628A-4091-8A09-6E126A89870E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:11.2.202.251:*:*:*:*:*:*:*",
              "matchCriteriaId": "472F569C-0FD5-4F61-A4D6-258A8A9C4008",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:11.2.202.258:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E91A468-191C-4A2D-B1B6-0DDE8BB1C1D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:11.2.202.261:*:*:*:*:*:*:*",
              "matchCriteriaId": "47F94E94-C190-4559-8FF6-FEEE6634B67B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:11.2.202.262:*:*:*:*:*:*:*",
              "matchCriteriaId": "7CC3FDE1-44FD-4BC3-BB43-C44C94D3F794",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:11.2.202.270:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE46E137-5298-44FA-B40C-6079C9AEE60F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:11.2.202.273:*:*:*:*:*:*:*",
              "matchCriteriaId": "D14EAFB3-3718-466F-8EB2-61D00D569251",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:11.2.202.275:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD3390A0-8EB6-424E-96AC-B87E22D6FF6E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:11.2.202.280:*:*:*:*:*:*:*",
              "matchCriteriaId": "CCD935A5-D923-48CC-9699-977C5123D52C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:11.2.202.285:*:*:*:*:*:*:*",
              "matchCriteriaId": "5AABFF8D-2C2A-4B8B-9DE2-C74EECEDD86F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:11.2.202.291:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD0EF3E4-C91F-4AD4-91E7-A10DC66DE4A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:11.2.202.297:*:*:*:*:*:*:*",
              "matchCriteriaId": "3DDB9C24-953C-4268-8C4A-E7C0F021698E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:11.2.202.310:*:*:*:*:*:*:*",
              "matchCriteriaId": "E8474A98-24F4-43E5-9402-319F68A9880B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:11.2.202.332:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CD7F4E8-742E-4264-84EE-22D9E3CB3C76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:11.2.202.335:*:*:*:*:*:*:*",
              "matchCriteriaId": "97DBA814-D400-440C-BEEA-AB1913F783C1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:11.2.202.336:*:*:*:*:*:*:*",
              "matchCriteriaId": "9CDA6379-D70E-476C-82C5-C916C13CA081",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:11.2.202.341:*:*:*:*:*:*:*",
              "matchCriteriaId": "515589AD-8CC1-46CE-9F9A-BAAD725E2C8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:11.2.202.346:*:*:*:*:*:*:*",
              "matchCriteriaId": "308488AB-3D95-4231-8201-BF4EE5C9C151",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:11.2.202.350:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDB40406-277E-4BF5-ADCF-BE16B1CF390B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:11.2.202.356:*:*:*:*:*:*:*",
              "matchCriteriaId": "33165339-9DCC-46B2-B22F-CF31D26175D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:11.2.202.359:*:*:*:*:*:*:*",
              "matchCriteriaId": "28AB62F3-9CB0-4ED8-9785-2B4878BB101D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:11.2.202.378:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF423A60-6377-4782-B809-D6304322F391",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "155AD4FB-E527-4103-BCEF-801B653DEA37",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Adobe Flash Player before 13.0.0.241 and 14.x before 14.0.0.176 on Windows and OS X and before 11.2.202.400 on Linux, Adobe AIR before 14.0.0.178 on Windows and OS X and before 14.0.0.179 on Android, Adobe AIR SDK before 14.0.0.178, and Adobe AIR SDK \u0026 Compiler before 14.0.0.178 do not properly restrict discovery of memory addresses, which allows attackers to bypass the ASLR protection mechanism via unspecified vectors, a different vulnerability than CVE-2014-0540, CVE-2014-0543, CVE-2014-0544, and CVE-2014-0545."
    },
    {
      "lang": "es",
      "value": "Adobe Flash Player anterior a 13.0.0.241 y 14.x anterior a 14.0.0.176 en Windows y OS X y anterior a 11.2.202.400 en Linux, Adobe AIR anterior a 14.0.0.178 en Windows y OS X y anterior a 14.0.0.179 en Android, Adobe AIR SDK anterior a 14.0.0.178, y Adobe AIR SDK \u0026 Compiler anterior a 14.0.0.178 no restringen debidamente el descubrimiento de las direcciones de memoria, lo que permite a atacantes evadir el mecanismo de protecci\u00f3n ASLR a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2014-0540, CVE-2014-0543, CVE-2014-0544, y CVE-2014-0545."
    }
  ],
  "id": "CVE-2014-0542",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2014-08-12T22:55:02.513",
  "references": [
    {
      "source": "psirt@adobe.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://helpx.adobe.com/security/products/flash-player/apsb14-18.html"
    },
    {
      "source": "psirt@adobe.com",
      "url": "http://secunia.com/advisories/60710"
    },
    {
      "source": "psirt@adobe.com",
      "url": "http://secunia.com/advisories/60732"
    },
    {
      "source": "psirt@adobe.com",
      "url": "http://security.gentoo.org/glsa/glsa-201408-05.xml"
    },
    {
      "source": "psirt@adobe.com",
      "url": "http://www.securitytracker.com/id/1030712"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://helpx.adobe.com/security/products/flash-player/apsb14-18.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/60710"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/60732"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.gentoo.org/glsa/glsa-201408-05.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1030712"
    }
  ],
  "sourceIdentifier": "psirt@adobe.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.