CVE-2014-0533: XSS

First published: Wed Jun 11 2014(Updated: )

Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows and OS X and before 11.2.202.378 on Linux, Adobe AIR before 14.0.0.110, Adobe AIR SDK before 14.0.0.110, and Adobe AIR SDK & Compiler before 14.0.0.110 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2014-0531 and CVE-2014-0532.

Credit: psirt@adobe.com

Affected Software	Affected Version	How to fix
Adobe Flash Player	<=13.0.0.214
Adobe Flash Player	=13.0.0.182
Adobe Flash Player	=13.0.0.201
Adobe Flash Player	=13.0.0.206
Apple Mac OS X
Microsoft Windows
Adobe Adobe Air Sdk	<=13.0.0.111
Adobe Adobe Air Sdk	=13.0.0.83
Adobe Flash Player	<=11.2.202.359
Adobe Flash Player	=11.2.202.223
Adobe Flash Player	=11.2.202.228
Adobe Flash Player	=11.2.202.233
Adobe Flash Player	=11.2.202.235
Adobe Flash Player	=11.2.202.236
Adobe Flash Player	=11.2.202.238
Adobe Flash Player	=11.2.202.243
Adobe Flash Player	=11.2.202.251
Adobe Flash Player	=11.2.202.258
Adobe Flash Player	=11.2.202.261
Adobe Flash Player	=11.2.202.262
Adobe Flash Player	=11.2.202.270
Adobe Flash Player	=11.2.202.273
Adobe Flash Player	=11.2.202.275
Adobe Flash Player	=11.2.202.280
Adobe Flash Player	=11.2.202.285
Adobe Flash Player	=11.2.202.291
Adobe Flash Player	=11.2.202.297
Adobe Flash Player	=11.2.202.310
Adobe Flash Player	=11.2.202.332
Adobe Flash Player	=11.2.202.335
Adobe Flash Player	=11.2.202.336
Adobe Flash Player	=11.2.202.341
Adobe Flash Player	=11.2.202.346
Adobe Flash Player	=11.2.202.350
Adobe Flash Player	=11.2.202.356
Linux Linux kernel
Adobe Adobe Air	<=13.0.0.111
Adobe Adobe Air	=13.0.0.83

Remedy

http://helpx.adobe.com/security/products/flash-player/apsb14-16.html

Never miss a vulnerability like this again

Reference Links

collector/nvd-index
agent/event
agent/severity
agent/description
agent/references
agent/type
agent/weakness
agent/author
agent/tags
agent/remedy
agent/last-modified-date
agent/softwarecombine
agent/first-publish-date
collector/mitre-cve
source/MITRE
vendor/adobe
canonical/adobe flash player
version/adobe flash player/13.0.0.214
version/adobe flash player/13.0.0.182
version/adobe flash player/13.0.0.201
version/adobe flash player/13.0.0.206
vendor/apple
canonical/apple mac os x
vendor/microsoft
canonical/microsoft windows
canonical/adobe adobe air sdk
version/adobe adobe air sdk/13.0.0.111
version/adobe adobe air sdk/13.0.0.83
version/adobe flash player/11.2.202.359
version/adobe flash player/11.2.202.223
version/adobe flash player/11.2.202.228
version/adobe flash player/11.2.202.233
version/adobe flash player/11.2.202.235
version/adobe flash player/11.2.202.236
version/adobe flash player/11.2.202.238
version/adobe flash player/11.2.202.243
version/adobe flash player/11.2.202.251
version/adobe flash player/11.2.202.258
version/adobe flash player/11.2.202.261
version/adobe flash player/11.2.202.262
version/adobe flash player/11.2.202.270
version/adobe flash player/11.2.202.273
version/adobe flash player/11.2.202.275
version/adobe flash player/11.2.202.280
version/adobe flash player/11.2.202.285
version/adobe flash player/11.2.202.291
version/adobe flash player/11.2.202.297
version/adobe flash player/11.2.202.310
version/adobe flash player/11.2.202.332
version/adobe flash player/11.2.202.335
version/adobe flash player/11.2.202.336
version/adobe flash player/11.2.202.341
version/adobe flash player/11.2.202.346
version/adobe flash player/11.2.202.350
version/adobe flash player/11.2.202.356
vendor/linux
canonical/linux linux kernel
canonical/adobe adobe air
version/adobe adobe air/13.0.0.111
version/adobe adobe air/13.0.0.83

CVE-2014-0533: XSS

Remedy

Never miss a vulnerability like this again

Reference Links

Company

Resources

Contact