This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Adobe First view 2014-09-09
Product Adobe Air Last view 2015-01-13
Version 14.0.0.179 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:adobe:adobe_air

Activity : Overall

Related : CVE

  Date Alert Description
10 2015-01-13 CVE-2015-0309

Heap-based buffer overflow in Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and before 11.2.202.429 on Linux, Adobe AIR before 16.0.0.245 on Windows and OS X and before 16.0.0.272 on Android, Adobe AIR SDK before 16.0.0.272, and Adobe AIR SDK & Compiler before 16.0.0.272 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0304.

10 2015-01-13 CVE-2015-0308

Use-after-free vulnerability in Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and before 11.2.202.429 on Linux, Adobe AIR before 16.0.0.245 on Windows and OS X and before 16.0.0.272 on Android, Adobe AIR SDK before 16.0.0.272, and Adobe AIR SDK & Compiler before 16.0.0.272 allows attackers to execute arbitrary code via unspecified vectors.

8.5 2015-01-13 CVE-2015-0307

Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and before 11.2.202.429 on Linux, Adobe AIR before 16.0.0.245 on Windows and OS X and before 16.0.0.272 on Android, Adobe AIR SDK before 16.0.0.272, and Adobe AIR SDK & Compiler before 16.0.0.272 allow remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via unspecified vectors.

10 2015-01-13 CVE-2015-0306

Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and before 11.2.202.429 on Linux, Adobe AIR before 16.0.0.245 on Windows and OS X and before 16.0.0.272 on Android, Adobe AIR SDK before 16.0.0.272, and Adobe AIR SDK & Compiler before 16.0.0.272 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0303.

9.3 2015-01-13 CVE-2015-0305

Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and before 11.2.202.429 on Linux, Adobe AIR before 16.0.0.245 on Windows and OS X and before 16.0.0.272 on Android, Adobe AIR SDK before 16.0.0.272, and Adobe AIR SDK & Compiler before 16.0.0.272 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion."

10 2015-01-13 CVE-2015-0304

Heap-based buffer overflow in Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and before 11.2.202.429 on Linux, Adobe AIR before 16.0.0.245 on Windows and OS X and before 16.0.0.272 on Android, Adobe AIR SDK before 16.0.0.272, and Adobe AIR SDK & Compiler before 16.0.0.272 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0309.

10 2015-01-13 CVE-2015-0303

Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and before 11.2.202.429 on Linux, Adobe AIR before 16.0.0.245 on Windows and OS X and before 16.0.0.272 on Android, Adobe AIR SDK before 16.0.0.272, and Adobe AIR SDK & Compiler before 16.0.0.272 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0306.

5 2015-01-13 CVE-2015-0302

Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and before 11.2.202.429 on Linux, Adobe AIR before 16.0.0.245 on Windows and OS X and before 16.0.0.272 on Android, Adobe AIR SDK before 16.0.0.272, and Adobe AIR SDK & Compiler before 16.0.0.272 allow attackers to obtain sensitive keystroke information via unspecified vectors.

10 2015-01-13 CVE-2015-0301

Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and before 11.2.202.429 on Linux, Adobe AIR before 16.0.0.245 on Windows and OS X and before 16.0.0.272 on Android, Adobe AIR SDK before 16.0.0.272, and Adobe AIR SDK & Compiler before 16.0.0.272 do not properly validate files, which has unspecified impact and attack vectors.

10 2014-10-15 CVE-2014-0569

Integer overflow in Adobe Flash Player before 13.0.0.250 and 14.x and 15.x before 15.0.0.189 on Windows and OS X and before 11.2.202.411 on Linux, Adobe AIR before 15.0.0.293, Adobe AIR SDK before 15.0.0.302, and Adobe AIR SDK & Compiler before 15.0.0.302 allows attackers to execute arbitrary code via unspecified vectors.

10 2014-10-15 CVE-2014-0564

Adobe Flash Player before 13.0.0.250 and 14.x and 15.x before 15.0.0.189 on Windows and OS X and before 11.2.202.411 on Linux, Adobe AIR before 15.0.0.293, Adobe AIR SDK before 15.0.0.302, and Adobe AIR SDK & Compiler before 15.0.0.302 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0558.

10 2014-10-15 CVE-2014-0558

Adobe Flash Player before 13.0.0.250 and 14.x and 15.x before 15.0.0.189 on Windows and OS X and before 11.2.202.411 on Linux, Adobe AIR before 15.0.0.293, Adobe AIR SDK before 15.0.0.302, and Adobe AIR SDK & Compiler before 15.0.0.302 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0564.

10 2014-09-10 CVE-2014-0554

Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allow attackers to bypass intended access restrictions via unspecified vectors.

10 2014-09-09 CVE-2014-0559

Heap-based buffer overflow in Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-0556.

10 2014-09-09 CVE-2014-0557

Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 do not properly restrict discovery of memory addresses, which allows attackers to bypass the ASLR protection mechanism via unspecified vectors.

10 2014-09-09 CVE-2014-0556

Heap-based buffer overflow in Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-0559.

10 2014-09-09 CVE-2014-0555

Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0547, CVE-2014-0549, CVE-2014-0550, CVE-2014-0551, and CVE-2014-0552.

10 2014-09-09 CVE-2014-0552

Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0547, CVE-2014-0549, CVE-2014-0550, CVE-2014-0551, and CVE-2014-0555.

10 2014-09-09 CVE-2014-0551

Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0547, CVE-2014-0549, CVE-2014-0550, CVE-2014-0552, and CVE-2014-0555.

10 2014-09-09 CVE-2014-0550

Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0547, CVE-2014-0549, CVE-2014-0551, CVE-2014-0552, and CVE-2014-0555.

10 2014-09-09 CVE-2014-0549

Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0547, CVE-2014-0550, CVE-2014-0551, CVE-2014-0552, and CVE-2014-0555.

7.5 2014-09-09 CVE-2014-0548

Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allow remote attackers to bypass the Same Origin Policy via unspecified vectors.

10 2014-09-09 CVE-2014-0547

Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0549, CVE-2014-0550, CVE-2014-0551, CVE-2014-0552, and CVE-2014-0555.

CWE : Common Weakness Enumeration

%idName
73% (11) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
13% (2) CWE-264 Permissions, Privileges, and Access Controls
6% (1) CWE-94 Failure to Control Generation of Code ('Code Injection')
6% (1) CWE-20 Improper Input Validation

Snort® IPS/IDS

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
Date Description
2017-03-02 Adobe Flash Player broker arbitrary file write attempt
RuleID : 41473 - Type : FILE-FLASH - Revision : 2
2017-03-02 Adobe Flash Player broker arbitrary file write attempt
RuleID : 41472 - Type : FILE-FLASH - Revision : 2
2016-10-01 Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt
RuleID : 40010 - Type : FILE-FLASH - Revision : 1
2016-10-01 Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt
RuleID : 40009 - Type : FILE-FLASH - Revision : 1
2016-04-26 Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt
RuleID : 38335 - Type : FILE-FLASH - Revision : 1
2016-04-26 Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt
RuleID : 38334 - Type : FILE-FLASH - Revision : 1
2016-04-05 Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt
RuleID : 37933 - Type : FILE-FLASH - Revision : 1
2016-04-05 Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt
RuleID : 37932 - Type : FILE-FLASH - Revision : 1
2016-04-05 Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt
RuleID : 37931 - Type : FILE-FLASH - Revision : 1
2016-04-05 Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt
RuleID : 37930 - Type : FILE-FLASH - Revision : 1
2016-04-05 Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt
RuleID : 37927 - Type : FILE-FLASH - Revision : 1
2016-04-05 Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt
RuleID : 37926 - Type : FILE-FLASH - Revision : 1
2016-04-05 Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt
RuleID : 37925 - Type : FILE-FLASH - Revision : 1
2016-04-05 Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt
RuleID : 37924 - Type : FILE-FLASH - Revision : 2
2016-04-05 Shockwave Flash file using doswf packer
RuleID : 37923 - Type : POLICY-OTHER - Revision : 2
2016-03-22 Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt
RuleID : 37723 - Type : FILE-FLASH - Revision : 2
2016-03-22 Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt
RuleID : 37722 - Type : FILE-FLASH - Revision : 2
2016-03-22 Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt
RuleID : 37721 - Type : FILE-FLASH - Revision : 1
2016-03-22 Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt
RuleID : 37720 - Type : FILE-FLASH - Revision : 1
2016-03-22 Adobe Flash copyPixelsToByteArray integer overflow attempt
RuleID : 37711 - Type : FILE-FLASH - Revision : 2
2016-03-22 Adobe Flash copyPixelsToByteArray integer overflow attempt
RuleID : 37710 - Type : FILE-FLASH - Revision : 2
2016-03-22 Adobe Flash copyPixelsToByteArray integer overflow attempt
RuleID : 37709 - Type : FILE-FLASH - Revision : 1
2016-03-22 Adobe Flash copyPixelsToByteArray integer overflow attempt
RuleID : 37708 - Type : FILE-FLASH - Revision : 1
2016-03-15 Adobe Flash copyPixelsToByteArray integer overflow attempt
RuleID : 37645 - Type : FILE-FLASH - Revision : 2
2016-03-15 Adobe Flash copyPixelsToByteArray integer overflow attempt
RuleID : 37644 - Type : FILE-FLASH - Revision : 1

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2015-02-09 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201502-02.nasl - Type: ACT_GATHER_INFO
2015-01-30 Name: The remote openSUSE host is missing a security update.
File: openSUSE-2015-81.nasl - Type: ACT_GATHER_INFO
2015-01-23 Name: The remote FreeBSD host is missing one or more security-related updates.
File: freebsd_pkg_cc294a2ca23211e48e9f0011d823eebd.nasl - Type: ACT_GATHER_INFO
2015-01-16 Name: The remote SuSE 11 host is missing one or more security updates.
File: suse_11_flash-player-150114.nasl - Type: ACT_GATHER_INFO
2015-01-16 Name: The remote openSUSE host is missing a security update.
File: openSUSE-2015-30.nasl - Type: ACT_GATHER_INFO
2015-01-15 Name: The remote Red Hat host is missing a security update.
File: redhat-RHSA-2015-0052.nasl - Type: ACT_GATHER_INFO
2015-01-13 Name: The remote Mac OS X host has a browser plugin that is affected by multiple vu...
File: macosx_flash_player_16_0_0_257.nasl - Type: ACT_GATHER_INFO
2015-01-13 Name: The remote Windows host contains a version of Adobe AIR that is affected by m...
File: adobe_air_apsb15-01.nasl - Type: ACT_GATHER_INFO
2015-01-13 Name: The remote Windows host has a browser plugin that is affected by multiple vul...
File: flash_player_apsb15-01.nasl - Type: ACT_GATHER_INFO
2015-01-13 Name: The remote Windows host contains a web browser that is affected by multiple v...
File: google_chrome_39_0_2171_99.nasl - Type: ACT_GATHER_INFO
2015-01-13 Name: The remote Mac OS X host contains a version of Adobe AIR that is affected by ...
File: macosx_adobe_air_16_0_0_245.nasl - Type: ACT_GATHER_INFO
2015-01-13 Name: The remote Mac OS X host contains a web browser that is affected by multiple ...
File: macosx_google_chrome_39_0_2171_99.nasl - Type: ACT_GATHER_INFO
2015-01-13 Name: The remote Windows host has a browser plugin that is affected by multiple vul...
File: smb_kb3024663.nasl - Type: ACT_GATHER_INFO
2014-11-24 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201411-06.nasl - Type: ACT_GATHER_INFO
2014-11-06 Name: The remote SuSE 11 host is missing one or more security updates.
File: suse_11_flash-player-141020.nasl - Type: ACT_GATHER_INFO
2014-10-29 Name: The remote openSUSE host is missing a security update.
File: openSUSE-2014-603.nasl - Type: ACT_GATHER_INFO
2014-10-16 Name: The remote Red Hat host is missing a security update.
File: redhat-RHSA-2014-1648.nasl - Type: ACT_GATHER_INFO
2014-10-15 Name: The remote host has an ActiveX control installed that is affected by multiple...
File: smb_kb3001237.nasl - Type: ACT_GATHER_INFO
2014-10-15 Name: The remote Mac OS X host contains a web browser that is affected by multiple ...
File: macosx_google_chrome_38_0_2125_104.nasl - Type: ACT_GATHER_INFO
2014-10-15 Name: The remote Mac OS X host has a browser plugin that is affected by multiple vu...
File: macosx_flash_player_15_0_0_189.nasl - Type: ACT_GATHER_INFO
2014-10-15 Name: The remote Mac OS X host contains a version of Adobe AIR that is affected by ...
File: macosx_adobe_air_15_0_0_293.nasl - Type: ACT_GATHER_INFO
2014-10-15 Name: The remote host contains a web browser that is affected by multiple vulnerabi...
File: google_chrome_38_0_2125_104.nasl - Type: ACT_GATHER_INFO
2014-10-15 Name: The remote Windows host has a browser plugin that is affected by multiple vul...
File: flash_player_apsb14-22.nasl - Type: ACT_GATHER_INFO
2014-10-15 Name: The remote Windows host contains a version of Adobe AIR that is affected by m...
File: adobe_air_apsb14-22.nasl - Type: ACT_GATHER_INFO
2014-09-26 Name: The remote FreeBSD host is missing one or more security-related updates.
File: freebsd_pkg_ca44b64c445311e49ea1c485083ca99c.nasl - Type: ACT_GATHER_INFO