CVE-2014-0536: Buffer Overflow
First published: Wed Jun 11 2014(Updated: )
Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows and OS X and before 11.2.202.378 on Linux, Adobe AIR before 14.0.0.110, Adobe AIR SDK before 14.0.0.110, and Adobe AIR SDK & Compiler before 14.0.0.110 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
Credit: psirt@adobe.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Macromedia Flash Player | <=11.2.202.359 | |
| Macromedia Flash Player | =11.2.202.223 | |
| Macromedia Flash Player | =11.2.202.228 | |
| Macromedia Flash Player | =11.2.202.233 | |
| Macromedia Flash Player | =11.2.202.235 | |
| Macromedia Flash Player | =11.2.202.236 | |
| Macromedia Flash Player | =11.2.202.238 | |
| Macromedia Flash Player | =11.2.202.243 | |
| Macromedia Flash Player | =11.2.202.251 | |
| Macromedia Flash Player | =11.2.202.258 | |
| Macromedia Flash Player | =11.2.202.261 | |
| Macromedia Flash Player | =11.2.202.262 | |
| Macromedia Flash Player | =11.2.202.270 | |
| Macromedia Flash Player | =11.2.202.273 | |
| Macromedia Flash Player | =11.2.202.275 | |
| Macromedia Flash Player | =11.2.202.280 | |
| Macromedia Flash Player | =11.2.202.285 | |
| Macromedia Flash Player | =11.2.202.291 | |
| Macromedia Flash Player | =11.2.202.297 | |
| Macromedia Flash Player | =11.2.202.310 | |
| Macromedia Flash Player | =11.2.202.332 | |
| Macromedia Flash Player | =11.2.202.335 | |
| Macromedia Flash Player | =11.2.202.336 | |
| Macromedia Flash Player | =11.2.202.341 | |
| Macromedia Flash Player | =11.2.202.346 | |
| Macromedia Flash Player | =11.2.202.350 | |
| Macromedia Flash Player | =11.2.202.356 | |
| Linux Kernel | ||
| Macromedia Flash Player | <=13.0.0.214 | |
| Macromedia Flash Player | =13.0.0.182 | |
| Macromedia Flash Player | =13.0.0.201 | |
| Macromedia Flash Player | =13.0.0.206 | |
| Apple iOS and macOS | ||
| Microsoft Windows Operating System | ||
| Adobe AIR SDK | <=13.0.0.111 | |
| Adobe AIR SDK | =13.0.0.83 | |
| Adobe | <=13.0.0.111 | |
| Adobe | =13.0.0.83 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://helpx.adobe.com/security/products/flash-player/apsb14-16.html
- http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00021.html
- http://lists.opensuse.org/opensuse-updates/2014-06/msg00029.html
- http://lists.opensuse.org/opensuse-updates/2014-06/msg00030.html
- http://rhn.redhat.com/errata/RHSA-2014-0745.html
- http://secunia.com/advisories/58390
- http://secunia.com/advisories/58465
- http://secunia.com/advisories/58585
- http://secunia.com/advisories/59053
- http://secunia.com/advisories/59304
- http://security.gentoo.org/glsa/glsa-201406-17.xml
- http://www.securityfocus.com/bid/67961
- http://www.securitytracker.com/id/1030368
Frequently Asked Questions
What is the severity of CVE-2014-0536?
CVE-2014-0536 has a critical severity rating, allowing attackers to execute arbitrary code or cause a denial of service.
How do I fix CVE-2014-0536?
To fix CVE-2014-0536, update Adobe Flash Player to version 13.0.0.223 or later for Windows and OS X, or version 11.2.202.378 or later for Linux.
Which versions of Adobe Flash Player are affected by CVE-2014-0536?
Affected versions include Adobe Flash Player before 13.0.0.223 on Windows and OS X, and before 11.2.202.378 on Linux.
Does CVE-2014-0536 affect Adobe AIR?
Yes, CVE-2014-0536 affects Adobe AIR versions prior to 14.0.0.110.
What systems are vulnerable to CVE-2014-0536?
CVE-2014-0536 affects systems running vulnerable versions of Adobe Flash Player on Windows, macOS, and Linux.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/last-modified-date
- agent/references
- agent/remedy
- agent/weakness
- agent/author
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/adobe
- canonical/macromedia flash player
- version/macromedia flash player/11.2.202.359
- version/macromedia flash player/11.2.202.223
- version/macromedia flash player/11.2.202.228
- version/macromedia flash player/11.2.202.233
- version/macromedia flash player/11.2.202.235
- version/macromedia flash player/11.2.202.236
- version/macromedia flash player/11.2.202.238
- version/macromedia flash player/11.2.202.243
- version/macromedia flash player/11.2.202.251
- version/macromedia flash player/11.2.202.258
- version/macromedia flash player/11.2.202.261
- version/macromedia flash player/11.2.202.262
- version/macromedia flash player/11.2.202.270
- version/macromedia flash player/11.2.202.273
- version/macromedia flash player/11.2.202.275
- version/macromedia flash player/11.2.202.280
- version/macromedia flash player/11.2.202.285
- version/macromedia flash player/11.2.202.291
- version/macromedia flash player/11.2.202.297
- version/macromedia flash player/11.2.202.310
- version/macromedia flash player/11.2.202.332
- version/macromedia flash player/11.2.202.335
- version/macromedia flash player/11.2.202.336
- version/macromedia flash player/11.2.202.341
- version/macromedia flash player/11.2.202.346
- version/macromedia flash player/11.2.202.350
- version/macromedia flash player/11.2.202.356
- vendor/linux
- canonical/linux kernel
- version/macromedia flash player/13.0.0.214
- version/macromedia flash player/13.0.0.182
- version/macromedia flash player/13.0.0.201
- version/macromedia flash player/13.0.0.206
- vendor/apple
- canonical/apple ios and macos
- vendor/microsoft
- canonical/microsoft windows operating system
- canonical/adobe air sdk
- version/adobe air sdk/13.0.0.111
- version/adobe air sdk/13.0.0.83
- canonical/adobe
- version/adobe/13.0.0.111
- version/adobe/13.0.0.83