Vulnerabilities
Misconfiguration
Runtime Security
Compliance
CVE Vulnerabilities

CVE-2014-0544

Published: Aug 12, 2014 | Modified: Jan 07, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
10 HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu
Additional information
NVDhttps://nvd.nist.gov/vuln/detail/CVE-2014-0544
CWEhttps://cwe.mitre.org/data/definitions/264.html

Adobe Flash Player before 13.0.0.241 and 14.x before 14.0.0.176 on Windows and OS X and before 11.2.202.400 on Linux, Adobe AIR before 14.0.0.178 on Windows and OS X and before 14.0.0.179 on Android, Adobe AIR SDK before 14.0.0.178, and Adobe AIR SDK & Compiler before 14.0.0.178 do not properly restrict discovery of memory addresses, which allows attackers to bypass the ASLR protection mechanism via unspecified vectors, a different vulnerability than CVE-2014-0540, CVE-2014-0542, CVE-2014-0543, and CVE-2014-0545.

Affected Software

Name Vendor Start Version End Version
Flash_player Adobe * 13.0.0.231
Flash_player Adobe 13.0.0.182 13.0.0.182
Flash_player Adobe 13.0.0.201 13.0.0.201
Flash_player Adobe 13.0.0.206 13.0.0.206
Flash_player Adobe 13.0.0.214 13.0.0.214
Flash_player Adobe 13.0.0.223 13.0.0.223
Flash_player Adobe 14.0.0.125 14.0.0.125
Flash_player Adobe 14.0.0.145 14.0.0.145

References

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.
Copyright © 2024 Aqua Security Software Ltd.   Privacy Policy | Terms of Use