Vulnerability CVE-2014-0586: Information

Description

Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2014-0577, CVE-2014-0584, CVE-2014-0585, and CVE-2014-0590.

Severity: CRITICAL (10.0)

URL: https://nvd.nist.gov/vuln/detail/CVE-2014-0586
Published: Nov. 12, 2014
Modified: Dec. 13, 2018
Error type identifier: CWE-94

Fixed packages

Package name
Branch
Fixed in version
Version from repository
Errata ID
Task #
State
adobe-flash-playerp911-alt3532-alt1110ALT-PU-2014-2342-1134540Fixed
adobe-flash-playerc9f211-alt3532-alt117ALT-PU-2014-2342-1134540Fixed

References to Advisories, Solutions, and Tools

Hyperlink
Resource
http://helpx.adobe.com/security/products/flash-player/apsb14-24.html
  • Patch
  • Vendor Advisory
openSUSE-SU-2015:0725
  • Mailing List
  • Third Party Advisory

    1. Configuration 1

      cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*
      cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*
      cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*
      Running on/with:
      cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
      Running on/with:
      cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*

      Configuration 2

      cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*
      Running on/with:
      cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

      Configuration 3

      cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*
      End including
      15.0.0.356

      Configuration 4

      cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*
      End including
      15.0.0.356

      Configuration 5

      cpe:2.3:a:adobe:air_sdk_\&_compiler:*:*:*:*:*:*:*:*
      End excliding
      15.0.0.356
VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
Version: v24.4.2
Back to top