FKIE_CVE-2014-0557
Vulnerability from fkie_nvd - Published: 2014-09-10 01:55 - Updated: 2025-04-12 10:46
Severity ?
Summary
Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 do not properly restrict discovery of memory addresses, which allows attackers to bypass the ASLR protection mechanism via unspecified vectors.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "903DBE2A-809C-46C3-A32A-24841CC2FAF7",
"versionEndIncluding": "11.2.202.400",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:11.2.202.223:*:*:*:*:*:*:*",
"matchCriteriaId": "146E1EAC-B9AF-4511-A0DC-A048428E3B68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:11.2.202.228:*:*:*:*:*:*:*",
"matchCriteriaId": "5AFBB9EA-1A66-4FBC-BF89-7DF04FDD6788",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:11.2.202.233:*:*:*:*:*:*:*",
"matchCriteriaId": "39065E60-3680-4384-95C0-EF4F874D2400",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:11.2.202.235:*:*:*:*:*:*:*",
"matchCriteriaId": "2B0603B3-5C98-422D-A49D-EBE1798DAE69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:11.2.202.236:*:*:*:*:*:*:*",
"matchCriteriaId": "5AC7882D-1577-4CEA-B1C0-0FEBC91A441A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:11.2.202.238:*:*:*:*:*:*:*",
"matchCriteriaId": "CED86796-B721-49B1-A021-82FA769FA024",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:11.2.202.243:*:*:*:*:*:*:*",
"matchCriteriaId": "FF7843C6-628A-4091-8A09-6E126A89870E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:11.2.202.251:*:*:*:*:*:*:*",
"matchCriteriaId": "472F569C-0FD5-4F61-A4D6-258A8A9C4008",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:11.2.202.258:*:*:*:*:*:*:*",
"matchCriteriaId": "1E91A468-191C-4A2D-B1B6-0DDE8BB1C1D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:11.2.202.261:*:*:*:*:*:*:*",
"matchCriteriaId": "47F94E94-C190-4559-8FF6-FEEE6634B67B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:11.2.202.262:*:*:*:*:*:*:*",
"matchCriteriaId": "7CC3FDE1-44FD-4BC3-BB43-C44C94D3F794",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:11.2.202.270:*:*:*:*:*:*:*",
"matchCriteriaId": "FE46E137-5298-44FA-B40C-6079C9AEE60F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:11.2.202.273:*:*:*:*:*:*:*",
"matchCriteriaId": "D14EAFB3-3718-466F-8EB2-61D00D569251",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:11.2.202.275:*:*:*:*:*:*:*",
"matchCriteriaId": "FD3390A0-8EB6-424E-96AC-B87E22D6FF6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:11.2.202.280:*:*:*:*:*:*:*",
"matchCriteriaId": "CCD935A5-D923-48CC-9699-977C5123D52C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:11.2.202.285:*:*:*:*:*:*:*",
"matchCriteriaId": "5AABFF8D-2C2A-4B8B-9DE2-C74EECEDD86F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:11.2.202.291:*:*:*:*:*:*:*",
"matchCriteriaId": "DD0EF3E4-C91F-4AD4-91E7-A10DC66DE4A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:11.2.202.297:*:*:*:*:*:*:*",
"matchCriteriaId": "3DDB9C24-953C-4268-8C4A-E7C0F021698E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:11.2.202.310:*:*:*:*:*:*:*",
"matchCriteriaId": "E8474A98-24F4-43E5-9402-319F68A9880B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:11.2.202.332:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD7F4E8-742E-4264-84EE-22D9E3CB3C76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:11.2.202.335:*:*:*:*:*:*:*",
"matchCriteriaId": "97DBA814-D400-440C-BEEA-AB1913F783C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:11.2.202.336:*:*:*:*:*:*:*",
"matchCriteriaId": "9CDA6379-D70E-476C-82C5-C916C13CA081",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:11.2.202.341:*:*:*:*:*:*:*",
"matchCriteriaId": "515589AD-8CC1-46CE-9F9A-BAAD725E2C8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:11.2.202.346:*:*:*:*:*:*:*",
"matchCriteriaId": "308488AB-3D95-4231-8201-BF4EE5C9C151",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:11.2.202.350:*:*:*:*:*:*:*",
"matchCriteriaId": "DDB40406-277E-4BF5-ADCF-BE16B1CF390B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:11.2.202.356:*:*:*:*:*:*:*",
"matchCriteriaId": "33165339-9DCC-46B2-B22F-CF31D26175D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:11.2.202.359:*:*:*:*:*:*:*",
"matchCriteriaId": "28AB62F3-9CB0-4ED8-9785-2B4878BB101D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:11.2.202.378:*:*:*:*:*:*:*",
"matchCriteriaId": "AF423A60-6377-4782-B809-D6304322F391",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:11.2.202.394:*:*:*:*:*:*:*",
"matchCriteriaId": "47215F3E-46D4-447B-BA57-3851D25659CE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "155AD4FB-E527-4103-BCEF-801B653DEA37",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FE469B87-3D28-4C23-9C21-57EB6E4E96EA",
"versionEndIncluding": "13.0.0.241",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:13.0.0.182:*:*:*:*:*:*:*",
"matchCriteriaId": "C3DD6547-ABEE-4734-87AA-BD3E247226B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:13.0.0.201:*:*:*:*:*:*:*",
"matchCriteriaId": "0732FFB7-4BFD-499D-A166-9128F3DABA0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:13.0.0.206:*:*:*:*:*:*:*",
"matchCriteriaId": "C282F91D-C1FE-4CC7-A33D-8E43F85DF168",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:13.0.0.214:*:*:*:*:*:*:*",
"matchCriteriaId": "11E8C1F3-83AA-468B-8F5A-285F3BD19CC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:13.0.0.223:*:*:*:*:*:*:*",
"matchCriteriaId": "59F08016-055D-4B70-8085-9C657481BA9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:13.0.0.231:*:*:*:*:*:*:*",
"matchCriteriaId": "6AA91689-F95C-4C67-A1AE-4CCA6FB29923",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:14.0.0.125:*:*:*:*:*:*:*",
"matchCriteriaId": "D5D7202D-56DF-400B-9F09-E7D9938222D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:14.0.0.145:*:*:*:*:*:*:*",
"matchCriteriaId": "4D4F0D21-A64B-46C1-9591-96529661DF0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:14.0.0.176:*:*:*:*:*:*:*",
"matchCriteriaId": "86961019-3B81-458E-949F-A2F006EA55FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:14.0.0.179:*:*:*:*:*:*:*",
"matchCriteriaId": "25895BE9-71FD-4DE7-90FC-0199470A8738",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:15.0.0.144:*:*:*:*:*:*:*",
"matchCriteriaId": "57882CDA-B99B-40EC-921A-8DFF5D820C97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:adobe_air_sdk:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C83397BA-05CC-40B6-8326-95812381E58F",
"versionEndIncluding": "14.0.0.178",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:adobe_air_sdk:13.0.0.83:*:*:*:*:*:*:*",
"matchCriteriaId": "B005E5AC-DD7D-413E-92A2-4E8D7F3F2D7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:adobe_air_sdk:13.0.0.111:*:*:*:*:*:*:*",
"matchCriteriaId": "F228403E-68B3-4B18-B120-066346D80891",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:adobe_air_sdk:14.0.0.110:*:*:*:*:*:*:*",
"matchCriteriaId": "73E1378C-8C12-4728-BC84-2836691C2B11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:adobe_air_sdk:14.0.0.137:*:*:*:*:*:*:*",
"matchCriteriaId": "D089EFE1-4EAA-4644-9C01-35D70C508827",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:adobe_air:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C151F46-19ED-4B9D-841D-8590D36DEF83",
"versionEndIncluding": "14.0.0.178",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:adobe_air:13.0.0.83:*:*:*:*:*:*:*",
"matchCriteriaId": "3C898203-9D6E-4430-8905-C28180F954E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:adobe_air:13.0.0.111:*:*:*:*:*:*:*",
"matchCriteriaId": "434B6846-3ED5-4F23-88D1-567668EE8E94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:adobe_air:14.0.0.110:*:*:*:*:*:*:*",
"matchCriteriaId": "CB252359-318A-4054-8CEA-D08AB7500100",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:adobe_air:14.0.0.137:*:*:*:*:*:*:*",
"matchCriteriaId": "6FE7DA31-9C37-4561-A7E5-76EF2DE65EA1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:adobe_air:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BEE4FBE2-93B1-436C-B09E-FD8DD7D22D32",
"versionEndIncluding": "14.0.0.179",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:adobe_air:13.0.0.83:*:*:*:*:*:*:*",
"matchCriteriaId": "3C898203-9D6E-4430-8905-C28180F954E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:adobe_air:13.0.0.111:*:*:*:*:*:*:*",
"matchCriteriaId": "434B6846-3ED5-4F23-88D1-567668EE8E94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:adobe_air:14.0.0.110:*:*:*:*:*:*:*",
"matchCriteriaId": "CB252359-318A-4054-8CEA-D08AB7500100",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:adobe_air:14.0.0.137:*:*:*:*:*:*:*",
"matchCriteriaId": "6FE7DA31-9C37-4561-A7E5-76EF2DE65EA1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8255F035-04C8-4158-B301-82101711939C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK \u0026 Compiler before 15.0.0.249 do not properly restrict discovery of memory addresses, which allows attackers to bypass the ASLR protection mechanism via unspecified vectors."
},
{
"lang": "es",
"value": "Adobe Flash Player anterior a 13.0.0.244 y 14.x y 15.x anterior a 15.0.0.152 en Windows y6 OS X y anterior a 11.2.202.406 en Linux, Adobe AIR anterior a 15.0.0.249 en Windows y OS X y anterior a 15.0.0.252 en Android, Adobe AIR SDK anteriora 15.0.0.249, y Adobe AIR SDK \u0026 Compiler anterior a 15.0.0.249 no restringen debidamente el descubrimiento de las direcciones de la memoria, lo que permite a atacantes evadir el mecanismo de protecci\u00f3n ASLR a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2014-0557",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-09-10T01:55:08.933",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://helpx.adobe.com/security/products/flash-player/apsb14-21.html"
},
{
"source": "psirt@adobe.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00006.html"
},
{
"source": "psirt@adobe.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00016.html"
},
{
"source": "psirt@adobe.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00021.html"
},
{
"source": "psirt@adobe.com",
"url": "http://secunia.com/advisories/61089"
},
{
"source": "psirt@adobe.com",
"url": "http://security.gentoo.org/glsa/glsa-201409-05.xml"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/69701"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1030822"
},
{
"source": "psirt@adobe.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95827"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://helpx.adobe.com/security/products/flash-player/apsb14-21.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00016.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00021.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/61089"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201409-05.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/69701"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1030822"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95827"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…