| Summary |
Use-after-free vulnerability in Adobe Flash Player before 11.7.700.275 and 11.8.x through 13.0.x before 13.0.0.182 on Windows and OS X and before 11.2.202.350 on Linux, Adobe AIR before 13.0.0.83 on Android, Adobe AIR SDK before 13.0.0.83, and Adobe AIR SDK & Compiler before 13.0.0.83 allows remote attackers to execute arbitrary code, and possibly bypass an Internet Explorer sandbox protection mechanism, via unspecified vectors, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2014. |
| nessus
via4
|
| NASL family | SuSE Local Security Checks | | NASL id | OPENSUSE-2014-307.NASL | | description | This flash-player update fixes several security issues :
- bnc#872692: Security update to 11.2.202.350 :
- APSB14-09, CVE-2014-0506, CVE-2014-0507, CVE-2014-0508, CVE-2014-0509 | | last seen | 2019-02-21 | | modified | 2018-11-10 | | plugin id | 75328 | | published | 2014-06-13 | | reporter | Tenable | | source | https://www.tenable.com/plugins/index.php?view=single&id=75328 | | title | openSUSE Security Update : flash-player (openSUSE-SU-2014:0549-1) |
| NASL family | Windows | | NASL id | SMB_KB2942844.NASL | | description | The remote host is missing KB2942844. It is, therefore, affected by the following vulnerabilities :
- A use-after-free error exists that could lead to arbitrary code execution. (CVE-2014-0506)
- A buffer overflow error exists that could lead to arbitrary code execution. (CVE-2014-0507)
- An unspecified error exists that could allow a security bypass leading to information disclosure.
(CVE-2014-0508)
- An unspecified error exists that could allow cross- site scripting attacks. (CVE-2014-0509) | | last seen | 2019-02-21 | | modified | 2018-11-15 | | plugin id | 73418 | | published | 2014-04-08 | | reporter | Tenable | | source | https://www.tenable.com/plugins/index.php?view=single&id=73418 | | title | MS KB2942844: Update for Vulnerabilities in Adobe Flash Player in Internet Explorer |
| NASL family | Gentoo Local Security Checks | | NASL id | GENTOO_GLSA-201405-04.NASL | | description | The remote host is affected by the vulnerability described in GLSA-201405-04 (Adobe Flash Player: Multiple vulnerabilities)
Multiple vulnerabilities have been discovered in Adobe Flash Player.
Please review the CVE identifiers referenced below for details.
Impact :
A remote attacker could entice a user to open a specially crafted SWF file using Adobe Flash Player, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition. Furthermore, a remote attacker may be able to bypass the Same Origin Policy or read the clipboard via unspecified vectors.
Workaround :
There is no known workaround at this time. | | last seen | 2019-02-21 | | modified | 2018-07-12 | | plugin id | 73860 | | published | 2014-05-05 | | reporter | Tenable | | source | https://www.tenable.com/plugins/index.php?view=single&id=73860 | | title | GLSA-201405-04 : Adobe Flash Player: Multiple vulnerabilities |
| NASL family | SuSE Local Security Checks | | NASL id | SUSE_11_FLASH-PLAYER-140411.NASL | | description | Adobe flash-player has been updated to version 11.2.202.350 to resolve security issues and bugs. More information can be found at
http://helpx.adobe.com/security/products/flash-player/apsb14-09.html
The following security issues have been fixed :
- a use-after-free vulnerability that could have resulted in arbitrary code execution. (CVE-2014-0506)
- a buffer overflow vulnerability that could have resulted in arbitrary code execution. (CVE-2014-0507)
- a security bypass vulnerability that could have lead to information disclosure. (CVE-2014-0508)
- a cross-site scripting vulnerability. (CVE-2014-0509) | | last seen | 2019-02-21 | | modified | 2014-04-17 | | plugin id | 73591 | | published | 2014-04-17 | | reporter | Tenable | | source | https://www.tenable.com/plugins/index.php?view=single&id=73591 | | title | SuSE 11.3 Security Update : flash-player (SAT Patch Number 9120) |
| NASL family | MacOS X Local Security Checks | | NASL id | MACOSX_FLASH_PLAYER_13_0_0_182.NASL | | description | According to its version, the instance of Flash Player installed on the remote Mac OS X host is equal or prior to 11.7.700.272 / 11.8.x / 11.9.x / 12.0.0.77. It is, therefore, potentially affected by multiple vulnerabilities :
- A use-after-free error exists that could lead to arbitrary code execution. (CVE-2014-0506)
- A buffer overflow error exists that could lead to arbitrary code execution. (CVE-2014-0507)
- An unspecified error exists that could allow a security bypass leading to information disclosure.
(CVE-2014-0508)
- An unspecified error exists that could allow cross- site scripting attacks. (CVE-2014-0509) | | last seen | 2019-02-21 | | modified | 2018-07-14 | | plugin id | 73435 | | published | 2014-04-09 | | reporter | Tenable | | source | https://www.tenable.com/plugins/index.php?view=single&id=73435 | | title | Flash Player for Mac <= 11.7.700.272 / 12.0.0.77 Multiple Vulnerabilities (APSB14-09) (Mac OS X) |
| NASL family | Windows | | NASL id | FLASH_PLAYER_APSB14-09.NASL | | description | According to its version, the instance of Flash Player installed on the remote Windows host is equal or prior to 11.7.700.272 / 11.8.x / 11.9.x / 12.0.0.77. It is, therefore, potentially affected multiple vulnerabilities :
- A use-after-free error exists that could lead to arbitrary code execution. (CVE-2014-0506)
- A buffer overflow error exists that could lead to arbitrary code execution. (CVE-2014-0507)
- An unspecified error exists that could allow a security bypass leading to information disclosure.
(CVE-2014-0508)
- An unspecified error exists that could allow cross- site scripting attacks. (CVE-2014-0509) | | last seen | 2019-02-21 | | modified | 2018-11-15 | | plugin id | 73433 | | published | 2014-04-09 | | reporter | Tenable | | source | https://www.tenable.com/plugins/index.php?view=single&id=73433 | | title | Flash Player <= 11.7.700.272 / 12.0.0.77 Multiple Vulnerabilities (APSB14-09) |
| NASL family | MacOS X Local Security Checks | | NASL id | MACOSX_ADOBE_AIR_13_0_0_83.NASL | | description | According to its version, the instance of Adobe AIR on the remote Mac OS X host is 4.0.0.1628 or earlier. It is, therefore, reportedly affected by the following vulnerabilities :
- A use-after-free error exists that could lead to arbitrary code execution. (CVE-2014-0506)
- A buffer overflow error exists that could lead to arbitrary code execution. (CVE-2014-0507)
- An unspecified error exists that could allow a security bypass leading to information disclosure.
(CVE-2014-0508)
- An unspecified error exists that could allow cross- site scripting attacks. (CVE-2014-0509) | | last seen | 2019-02-21 | | modified | 2018-07-14 | | plugin id | 73434 | | published | 2014-04-09 | | reporter | Tenable | | source | https://www.tenable.com/plugins/index.php?view=single&id=73434 | | title | Adobe AIR for Mac <= 4.0.0.1628 Multiple Vulnerabilities (APSB14-09) |
| NASL family | Windows | | NASL id | GOOGLE_CHROME_34_0_1847_116.NASL | | description | The version of Google Chrome installed on the remote host is a version prior to 34.0.1847.116. It is, therefore, affected by the following vulnerabilities :
- A use-after-free error exists in the included Flash version that could lead to arbitrary code execution.
(CVE-2014-0506)
- A buffer overflow error exists in the included Flash version that could lead to arbitrary code execution.
(CVE-2014-0507)
- An unspecified error exists in the included Flash version that could allow a security bypass leading to information disclosure. (CVE-2014-0508)
- An unspecified error exists in the included Flash version that could allow cross-site scripting attacks.
(CVE-2014-0509)
- An unspecified flaw exists related to IPC message injection that allows an unauthenticated, remote attacker to bypass sandbox restrictions. (CVE-2014-1709)
- An input validation error exists that could allow universal cross-site scripting (UXSS) attacks.
(CVE-2014-1716)
- An unspecified out-of-bounds access error exists related to the V8 JavaScript engine. (CVE-2014-1717)
- An integer overflow error exists related to the compositor. (CVE-2014-1718)
- Use-after-free errors exist related to web workers, DOM processing, rendering, speech handling and forms handling. (CVE-2014-1719, CVE-2014-1720, CVE-2014-1722, CVE-2014-1724, CVE-2014-1727)
- An unspecified memory corruption error exists related to the V8 JavaScript engine. (CVE-2014-1721)
- An URL confusion error exists related to handling RTL characters. (CVE-2014-1723)
- An out-of-bounds read error exists related to handling 'window property' processing. (CVE-2014-1725)
- An unspecified error exists that could allow local cross-origin bypasses. (CVE-2014-1726)
- Various, unspecified memory handling errors exist.
(CVE-2014-1728)
- Various, unspecified errors exist related to the V8 JavaScript engine. (CVE-2014-1729)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number. | | last seen | 2019-02-21 | | modified | 2018-07-12 | | plugin id | 73419 | | published | 2014-04-08 | | reporter | Tenable | | source | https://www.tenable.com/plugins/index.php?view=single&id=73419 | | title | Google Chrome < 34.0.1847.116 Multiple Vulnerabilities |
| NASL family | Windows | | NASL id | ADOBE_AIR_APSB14-09.NASL | | description | According to its version, the instance of Adobe AIR on the remote Windows host is 4.0.0.1628 or earlier. It is, therefore, potentially affected by the following vulnerabilities :
- A use-after-free error exists that could lead to arbitrary code execution. (CVE-2014-0506)
- A buffer overflow error exists that could lead to arbitrary code execution. (CVE-2014-0507)
- An unspecified error exists that could allow a security bypass leading to information disclosure.
(CVE-2014-0508)
- An unspecified error exists that could allow cross- site scripting attacks. (CVE-2014-0509) | | last seen | 2019-02-21 | | modified | 2018-11-15 | | plugin id | 73432 | | published | 2014-04-09 | | reporter | Tenable | | source | https://www.tenable.com/plugins/index.php?view=single&id=73432 | | title | Adobe AIR <= AIR 4.0.0.1628 Multiple Vulnerabilities (APSB14-09) |
| NASL family | MacOS X Local Security Checks | | NASL id | MACOSX_GOOGLE_CHROME_34_0_1847_116.NASL | | description | The version of Google Chrome installed on the remote Mac OS X host is a version prior to 34.0.1847.116. It is, therefore, affected by the following vulnerabilities :
- A use-after-free error exists in the included Flash version that could lead to arbitrary code execution.
(CVE-2014-0506)
- A buffer overflow error exists in the included Flash version that could lead to arbitrary code execution.
(CVE-2014-0507)
- An unspecified error exists in the included Flash version that could allow a security bypass leading to information disclosure. (CVE-2014-0508)
- An unspecified error exists in the included Flash version that could allow cross-site scripting attacks.
(CVE-2014-0509)
- An unspecified flaw exists related to IPC message injection that allows an unauthenticated, remote attacker to bypass sandbox restrictions. (CVE-2014-1709)
- An input validation error exists that could allow universal cross-site scripting (UXSS) attacks.
(CVE-2014-1716)
- An unspecified out-of-bounds access error exists related to the V8 JavaScript engine. (CVE-2014-1717)
- An integer overflow error exists related to the compositor. (CVE-2014-1718)
- Use-after-free errors exist related to web workers, DOM processing, rendering, speech handling and forms handling. (CVE-2014-1719, CVE-2014-1720, CVE-2014-1722, CVE-2014-1724, CVE-2014-1727)
- An unspecified memory corruption error exists related to the V8 JavaScript engine. (CVE-2014-1721)
- An URL confusion error exists related to handling RTL characters. (CVE-2014-1723)
- An out-of-bounds read error exists related to handling 'window property' processing. (CVE-2014-1725)
- An unspecified error exists that could allow local cross-origin bypasses. (CVE-2014-1726)
- Various, unspecified memory handling errors exist.
(CVE-2014-1728)
- Various, unspecified errors exist related to the V8 JavaScript engine. (CVE-2014-1729)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number. | | last seen | 2019-02-21 | | modified | 2018-07-14 | | plugin id | 73420 | | published | 2014-04-08 | | reporter | Tenable | | source | https://www.tenable.com/plugins/index.php?view=single&id=73420 | | title | Google Chrome < 34.0.1847.116 Multiple Vulnerabilities (Mac OS X) |
| NASL family | Red Hat Local Security Checks | | NASL id | REDHAT-RHSA-2014-0380.NASL | | description | An updated Adobe Flash Player package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
The Red Hat Security Response Team has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in.
This update fixes multiple vulnerabilities in Adobe Flash Player.
These vulnerabilities are detailed in the Adobe Security Bulletin APSB14-09, listed in the References section.
Two flaws were found in the way flash-plugin displayed certain SWF content. An attacker could use these flaws to create a specially crafted SWF file that would cause flash-plugin to crash or, potentially, execute arbitrary code when the victim loaded a page containing the malicious SWF content. (CVE-2014-0506, CVE-2014-0507)
A flaw in flash-plugin could allow an attacker to obtain sensitive information if a victim were tricked into visiting a specially crafted web page. (CVE-2014-0508)
A flaw in flash-plugin could allow an attacker to conduct cross-site scripting (XSS) attacks if a victim were tricked into visiting a specially crafted web page. (CVE-2014-0509)
All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 11.2.202.350. | | last seen | 2019-02-21 | | modified | 2019-01-02 | | plugin id | 73451 | | published | 2014-04-10 | | reporter | Tenable | | source | https://www.tenable.com/plugins/index.php?view=single&id=73451 | | title | RHEL 5 / 6 : flash-plugin (RHSA-2014:0380) |
|
