Use-after-free vulnerability in Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-0573 and CVE-2014-0588.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Flash_player | Adobe | 13.0 (including) | 13.0.0.252 (excluding) |
| Flash_player | Adobe | 14.0 (including) | 14.0.0.179 (including) |
| Flash_player | Adobe | 15.0 (including) | 15.0.0.223 (excluding) |
| Red Hat Enterprise Linux 5 Supplementary | RedHat | flash-plugin-0:11.2.202.418-1.el5 | * |
| Supplementary for Red Hat Enterprise Linux 6 | RedHat | flash-plugin-0:11.2.202.418-1.el6 | * |
| Adobe-flashplugin | Ubuntu | lucid | * |
| Adobe-flashplugin | Ubuntu | precise | * |
| Adobe-flashplugin | Ubuntu | trusty | * |
| Adobe-flashplugin | Ubuntu | upstream | * |
| Adobe-flashplugin | Ubuntu | utopic | * |
| Flashplugin-nonfree | Ubuntu | devel | * |
| Flashplugin-nonfree | Ubuntu | lucid | * |
| Flashplugin-nonfree | Ubuntu | precise | * |
| Flashplugin-nonfree | Ubuntu | trusty | * |
| Flashplugin-nonfree | Ubuntu | upstream | * |
| Flashplugin-nonfree | Ubuntu | utopic | * |
References
- http://helpx.adobe.com/security/products/flash-player/apsb14-24.html
- http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00013.html
- http://www.securityfocus.com/bid/71049
- https://exchange.xforce.ibmcloud.com/vulnerabilities/98619
- http://helpx.adobe.com/security/products/flash-player/apsb14-24.html
- http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00013.html
- http://www.securityfocus.com/bid/71049
- https://exchange.xforce.ibmcloud.com/vulnerabilities/98619