CVE-2014-0537
First published: Wed Jul 09 2014(Updated: )
Adobe Flash Player before 13.0.0.231 and 14.x before 14.0.0.145 on Windows and OS X and before 11.2.202.394 on Linux, Adobe AIR before 14.0.0.137 on Android, Adobe AIR SDK before 14.0.0.137, and Adobe AIR SDK & Compiler before 14.0.0.137 allow attackers to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2014-0539.
Credit: psirt@adobe.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Adobe AIR SDK | <=14.0.0.110 | |
| Adobe AIR SDK | =13.0.0.83 | |
| Adobe AIR SDK | =13.0.0.111 | |
| Macromedia Flash Player | <=13.0.0.223 | |
| Macromedia Flash Player | =13.0.0.182 | |
| Macromedia Flash Player | =13.0.0.201 | |
| Macromedia Flash Player | =13.0.0.206 | |
| Macromedia Flash Player | =13.0.0.214 | |
| Macromedia Flash Player | =14.0.0.125 | |
| Apple iOS and macOS | ||
| Microsoft Windows Operating System | ||
| Adobe | <=14.0.0.110 | |
| Adobe | =13.0.0.83 | |
| Adobe | =13.0.0.111 | |
| Macromedia Flash Player | <=11.2.202.378 | |
| Macromedia Flash Player | =11.2.202.223 | |
| Macromedia Flash Player | =11.2.202.228 | |
| Macromedia Flash Player | =11.2.202.233 | |
| Macromedia Flash Player | =11.2.202.235 | |
| Macromedia Flash Player | =11.2.202.236 | |
| Macromedia Flash Player | =11.2.202.238 | |
| Macromedia Flash Player | =11.2.202.243 | |
| Macromedia Flash Player | =11.2.202.251 | |
| Macromedia Flash Player | =11.2.202.258 | |
| Macromedia Flash Player | =11.2.202.261 | |
| Macromedia Flash Player | =11.2.202.262 | |
| Macromedia Flash Player | =11.2.202.270 | |
| Macromedia Flash Player | =11.2.202.273 | |
| Macromedia Flash Player | =11.2.202.275 | |
| Macromedia Flash Player | =11.2.202.280 | |
| Macromedia Flash Player | =11.2.202.285 | |
| Macromedia Flash Player | =11.2.202.291 | |
| Macromedia Flash Player | =11.2.202.297 | |
| Macromedia Flash Player | =11.2.202.310 | |
| Macromedia Flash Player | =11.2.202.332 | |
| Macromedia Flash Player | =11.2.202.335 | |
| Macromedia Flash Player | =11.2.202.336 | |
| Macromedia Flash Player | =11.2.202.341 | |
| Macromedia Flash Player | =11.2.202.346 | |
| Macromedia Flash Player | =11.2.202.350 | |
| Macromedia Flash Player | =11.2.202.356 | |
| Macromedia Flash Player | =11.2.202.359 | |
| Linux Kernel |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://helpx.adobe.com/security/products/flash-player/apsb14-17.html
- http://rhn.redhat.com/errata/RHSA-2014-0860.html
- http://secunia.com/advisories/59774
- http://secunia.com/advisories/59837
- http://security.gentoo.org/glsa/glsa-201407-02.xml
- http://www.securityfocus.com/bid/68455
- http://www.securitytracker.com/id/1030533
Frequently Asked Questions
What is the severity of CVE-2014-0537?
CVE-2014-0537 is classified as a critical vulnerability that allows attackers to bypass intended access restrictions.
How do I fix CVE-2014-0537?
To fix CVE-2014-0537, update Adobe Flash Player to version 13.0.0.231 or later for Windows and OS X, version 11.2.202.394 or later for Linux, or update Adobe AIR to version 14.0.0.137 or later.
What versions are affected by CVE-2014-0537?
CVE-2014-0537 affects Adobe Flash Player versions before 13.0.0.231 on Windows and OS X, and before 11.2.202.394 on Linux, along with specific versions of Adobe AIR.
Is CVE-2014-0537 still exploitable?
Yes, CVE-2014-0537 remains exploitable if the affected versions of Adobe Flash Player or Adobe AIR are not updated.
What should I do if I can't update to fix CVE-2014-0537?
If you cannot update to fix CVE-2014-0537, consider disabling Adobe Flash Player or using alternative software to mitigate the risk.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/last-modified-date
- agent/references
- agent/weakness
- agent/author
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/adobe
- canonical/adobe air sdk
- version/adobe air sdk/14.0.0.110
- version/adobe air sdk/13.0.0.83
- version/adobe air sdk/13.0.0.111
- canonical/macromedia flash player
- version/macromedia flash player/13.0.0.223
- version/macromedia flash player/13.0.0.182
- version/macromedia flash player/13.0.0.201
- version/macromedia flash player/13.0.0.206
- version/macromedia flash player/13.0.0.214
- version/macromedia flash player/14.0.0.125
- vendor/apple
- canonical/apple ios and macos
- vendor/microsoft
- canonical/microsoft windows operating system
- canonical/adobe
- version/adobe/14.0.0.110
- version/adobe/13.0.0.83
- version/adobe/13.0.0.111
- version/macromedia flash player/11.2.202.378
- version/macromedia flash player/11.2.202.223
- version/macromedia flash player/11.2.202.228
- version/macromedia flash player/11.2.202.233
- version/macromedia flash player/11.2.202.235
- version/macromedia flash player/11.2.202.236
- version/macromedia flash player/11.2.202.238
- version/macromedia flash player/11.2.202.243
- version/macromedia flash player/11.2.202.251
- version/macromedia flash player/11.2.202.258
- version/macromedia flash player/11.2.202.261
- version/macromedia flash player/11.2.202.262
- version/macromedia flash player/11.2.202.270
- version/macromedia flash player/11.2.202.273
- version/macromedia flash player/11.2.202.275
- version/macromedia flash player/11.2.202.280
- version/macromedia flash player/11.2.202.285
- version/macromedia flash player/11.2.202.291
- version/macromedia flash player/11.2.202.297
- version/macromedia flash player/11.2.202.310
- version/macromedia flash player/11.2.202.332
- version/macromedia flash player/11.2.202.335
- version/macromedia flash player/11.2.202.336
- version/macromedia flash player/11.2.202.341
- version/macromedia flash player/11.2.202.346
- version/macromedia flash player/11.2.202.350
- version/macromedia flash player/11.2.202.356
- version/macromedia flash player/11.2.202.359
- vendor/linux
- canonical/linux kernel