CVE-2014-0547: Buffer Overflow
First published: Wed Sep 10 2014(Updated: )
Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0549, CVE-2014-0550, CVE-2014-0551, CVE-2014-0552, and CVE-2014-0555.
Credit: psirt@adobe.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Macromedia Flash Player | <=13.0.0.241 | |
| Macromedia Flash Player | =13.0.0.182 | |
| Macromedia Flash Player | =13.0.0.201 | |
| Macromedia Flash Player | =13.0.0.206 | |
| Macromedia Flash Player | =13.0.0.214 | |
| Macromedia Flash Player | =13.0.0.223 | |
| Macromedia Flash Player | =13.0.0.231 | |
| Macromedia Flash Player | =14.0.0.125 | |
| Macromedia Flash Player | =14.0.0.145 | |
| Macromedia Flash Player | =14.0.0.176 | |
| Macromedia Flash Player | =14.0.0.179 | |
| Macromedia Flash Player | =15.0.0.144 | |
| Apple iOS and macOS | ||
| Microsoft Windows Operating System | ||
| Macromedia Flash Player | <=11.2.202.400 | |
| Macromedia Flash Player | =11.2.202.223 | |
| Macromedia Flash Player | =11.2.202.228 | |
| Macromedia Flash Player | =11.2.202.233 | |
| Macromedia Flash Player | =11.2.202.235 | |
| Macromedia Flash Player | =11.2.202.236 | |
| Macromedia Flash Player | =11.2.202.238 | |
| Macromedia Flash Player | =11.2.202.243 | |
| Macromedia Flash Player | =11.2.202.251 | |
| Macromedia Flash Player | =11.2.202.258 | |
| Macromedia Flash Player | =11.2.202.261 | |
| Macromedia Flash Player | =11.2.202.262 | |
| Macromedia Flash Player | =11.2.202.270 | |
| Macromedia Flash Player | =11.2.202.273 | |
| Macromedia Flash Player | =11.2.202.275 | |
| Macromedia Flash Player | =11.2.202.280 | |
| Macromedia Flash Player | =11.2.202.285 | |
| Macromedia Flash Player | =11.2.202.291 | |
| Macromedia Flash Player | =11.2.202.297 | |
| Macromedia Flash Player | =11.2.202.310 | |
| Macromedia Flash Player | =11.2.202.332 | |
| Macromedia Flash Player | =11.2.202.335 | |
| Macromedia Flash Player | =11.2.202.336 | |
| Macromedia Flash Player | =11.2.202.341 | |
| Macromedia Flash Player | =11.2.202.346 | |
| Macromedia Flash Player | =11.2.202.350 | |
| Macromedia Flash Player | =11.2.202.356 | |
| Macromedia Flash Player | =11.2.202.359 | |
| Macromedia Flash Player | =11.2.202.378 | |
| Macromedia Flash Player | =11.2.202.394 | |
| Linux Kernel | ||
| Adobe | <=14.0.0.179 | |
| Adobe | =13.0.0.83 | |
| Adobe | =13.0.0.111 | |
| Adobe | =14.0.0.110 | |
| Adobe | =14.0.0.137 | |
| Android | ||
| Adobe AIR SDK | <=14.0.0.137 | |
| Adobe AIR SDK | =13.0.0.83 | |
| Adobe AIR SDK | =13.0.0.111 | |
| Adobe AIR SDK | =14.0.0.110 | |
| Adobe | <=14.0.0.178 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://helpx.adobe.com/security/products/flash-player/apsb14-21.html
- http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00006.html
- http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00016.html
- http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00021.html
- http://secunia.com/advisories/61089
- http://security.gentoo.org/glsa/glsa-201409-05.xml
- http://www.securityfocus.com/bid/69695
- http://www.securitytracker.com/id/1030822
- https://exchange.xforce.ibmcloud.com/vulnerabilities/95817
Frequently Asked Questions
What is the severity of CVE-2014-0547?
CVE-2014-0547 has a critical severity rating due to the potential for remote code execution vulnerabilities.
How do I fix CVE-2014-0547?
To fix CVE-2014-0547, update Adobe Flash Player to version 13.0.0.244 or later for Windows and OS X, 11.2.202.406 or later for Linux, and ensure Adobe AIR is updated to version 15.0.0.249 or later.
Which versions are affected by CVE-2014-0547?
CVE-2014-0547 affects Adobe Flash Player versions prior to 13.0.0.244, 14.x before 15.0.0.152, and Adobe AIR versions prior to 15.0.0.249.
How does CVE-2014-0547 exploit occur?
CVE-2014-0547 exploits occur through vulnerabilities that allow attackers to execute arbitrary code on the user's system via malicious Flash content.
What platforms are impacted by CVE-2014-0547?
CVE-2014-0547 impacts multiple platforms including Windows, macOS, and Linux, specifically older versions of Adobe Flash Player and Adobe AIR.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/last-modified-date
- agent/references
- agent/remedy
- agent/weakness
- agent/author
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/adobe
- canonical/macromedia flash player
- version/macromedia flash player/13.0.0.241
- version/macromedia flash player/13.0.0.182
- version/macromedia flash player/13.0.0.201
- version/macromedia flash player/13.0.0.206
- version/macromedia flash player/13.0.0.214
- version/macromedia flash player/13.0.0.223
- version/macromedia flash player/13.0.0.231
- version/macromedia flash player/14.0.0.125
- version/macromedia flash player/14.0.0.145
- version/macromedia flash player/14.0.0.176
- version/macromedia flash player/14.0.0.179
- version/macromedia flash player/15.0.0.144
- vendor/apple
- canonical/apple ios and macos
- vendor/microsoft
- canonical/microsoft windows operating system
- version/macromedia flash player/11.2.202.400
- version/macromedia flash player/11.2.202.223
- version/macromedia flash player/11.2.202.228
- version/macromedia flash player/11.2.202.233
- version/macromedia flash player/11.2.202.235
- version/macromedia flash player/11.2.202.236
- version/macromedia flash player/11.2.202.238
- version/macromedia flash player/11.2.202.243
- version/macromedia flash player/11.2.202.251
- version/macromedia flash player/11.2.202.258
- version/macromedia flash player/11.2.202.261
- version/macromedia flash player/11.2.202.262
- version/macromedia flash player/11.2.202.270
- version/macromedia flash player/11.2.202.273
- version/macromedia flash player/11.2.202.275
- version/macromedia flash player/11.2.202.280
- version/macromedia flash player/11.2.202.285
- version/macromedia flash player/11.2.202.291
- version/macromedia flash player/11.2.202.297
- version/macromedia flash player/11.2.202.310
- version/macromedia flash player/11.2.202.332
- version/macromedia flash player/11.2.202.335
- version/macromedia flash player/11.2.202.336
- version/macromedia flash player/11.2.202.341
- version/macromedia flash player/11.2.202.346
- version/macromedia flash player/11.2.202.350
- version/macromedia flash player/11.2.202.356
- version/macromedia flash player/11.2.202.359
- version/macromedia flash player/11.2.202.378
- version/macromedia flash player/11.2.202.394
- vendor/linux
- canonical/linux kernel
- canonical/adobe
- version/adobe/14.0.0.179
- version/adobe/13.0.0.83
- version/adobe/13.0.0.111
- version/adobe/14.0.0.110
- version/adobe/14.0.0.137
- vendor/google
- canonical/android
- canonical/adobe air sdk
- version/adobe air sdk/14.0.0.137
- version/adobe air sdk/13.0.0.83
- version/adobe air sdk/13.0.0.111
- version/adobe air sdk/14.0.0.110
- version/adobe/14.0.0.178