Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2014-0497 | First vendor Publication | 2014-02-05 |
Vendor | Cve | Last vendor Modification | 2018-12-13 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Integer underflow in Adobe Flash Player before 11.7.700.261 and 11.8.x through 12.0.x before 12.0.0.44 on Windows and Mac OS X, and before 11.2.202.336 on Linux, allows remote attackers to execute arbitrary code via unspecified vectors. |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0497 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:22390 | |||
Oval ID: | oval:org.mitre.oval:def:22390 | ||
Title: | RHSA-2014:0137: flash-plugin security update (Critical) | ||
Description: | Integer underflow in Adobe Flash Player before 11.7.700.261 and 11.8.x through 12.0.x before 12.0.0.44 on Windows and Mac OS X, and before 11.2.202.336 on Linux, allows remote attackers to execute arbitrary code via unspecified vectors. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2014:0137-00 CVE-2014-0497 | Version: | 8 |
Platform(s): | Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 5 | Product(s): | flash-plugin |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22436 | |||
Oval ID: | oval:org.mitre.oval:def:22436 | ||
Title: | Integer underflow in Adobe Flash Player before 11.7.700.261 and 11.8.x through 12.0.x before 12.0.0.44 on Windows allows remote attackers to execute arbitrary code via unspecified vectors (CVE-2014-0497) | ||
Description: | Integer underflow in Adobe Flash Player before 11.7.700.261 and 11.8.x through 12.0.x before 12.0.0.44 on Windows and Mac OS X, and before 11.2.202.336 on Linux, allows remote attackers to execute arbitrary code via unspecified vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-0497 | Version: | 9 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Adobe Flash Player |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:24193 | |||
Oval ID: | oval:org.mitre.oval:def:24193 | ||
Title: | ELSA-2014:0137: flash-plugin security update (Critical) | ||
Description: | Integer underflow in Adobe Flash Player before 11.7.700.261 and 11.8.x through 12.0.x before 12.0.0.44 on Windows and Mac OS X, and before 11.2.202.336 on Linux, allows remote attackers to execute arbitrary code via unspecified vectors. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2014:0137-00 CVE-2014-0497 | Version: | 6 |
Platform(s): | Oracle Linux 6 | Product(s): | flash-plugin |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:25327 | |||
Oval ID: | oval:org.mitre.oval:def:25327 | ||
Title: | SUSE-SU-2014:0221-1 -- Security update for flash-player | ||
Description: | This update resolves an integer underflow vulnerability that could have been exploited to execute arbitrary code on the affected system (CVE-2014-0497). More information: http://helpx.adobe.com/security/products/flash-player/apsb14 -04.html <http://helpx.adobe.com/security/products/flash-player/apsb1 4-04.html> | ||
Family: | unix | Class: | patch |
Reference(s): | SUSE-SU-2014:0221-1 CVE-2014-0497 | Version: | 3 |
Platform(s): | SUSE Linux Enterprise Desktop 11 | Product(s): | flash-player |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
ExploitDB Exploits
id | Description |
---|---|
2014-05-06 | Adobe Flash Player Integer Underflow Remote Code Execution |
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2014-02-06 | IAVM : 2014-A-0020 - Adobe Flash Player Remote Code Execution Vulnerability Severity : Category I - VMSKEY : V0043920 |
Snort® IPS/IDS
Date | Description |
---|---|
2016-08-09 | Adobe Flash Player integer underflow attempt RuleID : 39458 - Revision : 1 - Type : FILE-FLASH |
2016-08-09 | Adobe Flash Player integer underflow attempt RuleID : 39457 - Revision : 2 - Type : FILE-FLASH |
2016-04-26 | Adobe Flash Player integer underflow attempt RuleID : 38311 - Revision : 1 - Type : FILE-FLASH |
2016-04-26 | Adobe Flash Player integer underflow attempt RuleID : 38310 - Revision : 2 - Type : FILE-FLASH |
2016-03-22 | Adobe Flash Player integer underflow attempt RuleID : 37809 - Revision : 1 - Type : FILE-FLASH |
2016-03-22 | Adobe Flash Player integer underflow attempt RuleID : 37808 - Revision : 2 - Type : FILE-FLASH |
2016-03-22 | Adobe Flash Player integer underflow attempt RuleID : 37807 - Revision : 2 - Type : FILE-FLASH |
2016-03-22 | Adobe Flash Player integer underflow attempt RuleID : 37806 - Revision : 2 - Type : FILE-FLASH |
2014-03-08 | Adobe Flash Player integer underflow attempt RuleID : 29634 - Revision : 7 - Type : FILE-FLASH |
2014-03-08 | Adobe Flash Player integer underflow attempt RuleID : 29633 - Revision : 6 - Type : FILE-FLASH |
2014-03-08 | Adobe Flash Player integer underflow attempt RuleID : 29632 - Revision : 6 - Type : FILE-FLASH |
2014-03-08 | Adobe Flash Player integer underflow attempt RuleID : 29631 - Revision : 7 - Type : FILE-FLASH |
2014-03-08 | Win.Trojan.Keylogger inbound connection RuleID : 29616 - Revision : 10 - Type : MALWARE-CNC |
2014-03-08 | Win.Trojan.Keylogger outbound connection RuleID : 29615 - Revision : 9 - Type : MALWARE-CNC |
Metasploit Database
id | Description |
---|---|
2014-02-05 | Adobe Flash Player Integer Underflow Remote Code Execution |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-109.nasl - Type : ACT_GATHER_INFO |
2014-02-12 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_flash-player-140206.nasl - Type : ACT_GATHER_INFO |
2014-02-07 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201402-06.nasl - Type : ACT_GATHER_INFO |
2014-02-06 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2014-0137.nasl - Type : ACT_GATHER_INFO |
2014-02-05 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_b7a7576d8e0a11e399769c4e36909cc0.nasl - Type : ACT_GATHER_INFO |
2014-02-04 | Name : The remote Windows host has a browser plugin that is affected by a code execu... File : flash_player_apsb14-04.nasl - Type : ACT_GATHER_INFO |
2014-02-04 | Name : The remote Mac OS X host has a browser plugin that is affected by a code exec... File : macosx_flash_player_12_0_0_44.nasl - Type : ACT_GATHER_INFO |
2014-02-04 | Name : The remote host has an ActiveX control installed that is affected by a remote... File : smb_kb2929825.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
Date | Informations |
---|---|
2020-05-23 13:17:04 |
|
2020-05-23 01:50:50 |
|
2020-05-23 00:39:30 |
|
2019-07-30 12:06:05 |
|
2019-06-15 12:05:46 |
|
2019-06-07 12:05:41 |
|
2018-12-13 21:19:38 |
|
2018-10-30 12:06:34 |
|
2018-03-02 01:00:49 |
|
2018-01-03 09:21:55 |
|
2017-09-08 12:04:13 |
|
2017-01-07 09:25:18 |
|
2016-11-04 01:00:43 |
|
2016-10-18 12:03:37 |
|
2016-10-15 12:03:10 |
|
2016-09-17 12:01:39 |
|
2016-07-14 12:00:33 |
|
2016-06-28 22:31:37 |
|
2016-04-27 00:06:35 |
|
2014-06-14 13:36:56 |
|
2014-05-07 17:23:09 |
|
2014-05-05 21:20:33 |
|
2014-03-08 21:20:38 |
|
2014-02-21 13:23:25 |
|
2014-02-17 11:25:04 |
|
2014-02-14 17:19:01 |
|
2014-02-12 13:23:27 |
|
2014-02-08 00:21:23 |
|
2014-02-05 21:21:04 |
|
2014-02-05 13:19:26 |
|