What is the severity of CVE-2014-0586?

CVE-2014-0586 is considered a critical vulnerability that can lead to arbitrary code execution.

How do I fix CVE-2014-0586?

To fix CVE-2014-0586, update Adobe Flash Player to version 13.0.0.252 or later, 14.x to 14.0.0.179 or later for compatible versions, or 15.x to 15.0.0.223 or later.

What systems are affected by CVE-2014-0586?

CVE-2014-0586 affects Adobe Flash Player prior to versions 13.0.0.252, 14.x before 14.0.0.179, and 15.x before 15.0.0.223 on various operating systems.

Can CVE-2014-0586 be exploited remotely?

Yes, CVE-2014-0586 can be exploited remotely as it allows attackers to execute arbitrary code.

What should I do if I cannot update due to compatibility issues with CVE-2014-0586?

If you cannot update due to compatibility issues, consider disabling Adobe Flash Player until a secure version compatible with your system is available.

Vulnerability/
CVE-2014-0586

critical

CWE

11/11/2014

6/8/2024

CVE-2014-0586: Code Injection

First published: Tue Nov 11 2014(Updated: )

Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2014-0577, CVE-2014-0584, CVE-2014-0585, and CVE-2014-0590.

Credit: psirt@adobe.com

Affected Software	Affected Version	How to fix
Macromedia Flash Player	>=13.0<13.0.0.252
Macromedia Flash Player	>=14.0<=14.0.0.179
Macromedia Flash Player	>=15.0<15.0.0.223
Apple iOS and macOS
Microsoft Windows Operating System
Macromedia Flash Player	>=11.0<11.2.202.418
Linux Kernel
Adobe AIR	<=15.0.0.356
Adobe	<=15.0.0.356
Adobe AIR SDK & Compiler	<15.0.0.356

Remedy

http://helpx.adobe.com/security/products/flash-player/apsb14-24.html

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2014-0586?
CVE-2014-0586 is considered a critical vulnerability that can lead to arbitrary code execution.
How do I fix CVE-2014-0586?
To fix CVE-2014-0586, update Adobe Flash Player to version 13.0.0.252 or later, 14.x to 14.0.0.179 or later for compatible versions, or 15.x to 15.0.0.223 or later.
What systems are affected by CVE-2014-0586?
CVE-2014-0586 affects Adobe Flash Player prior to versions 13.0.0.252, 14.x before 14.0.0.179, and 15.x before 15.0.0.223 on various operating systems.
Can CVE-2014-0586 be exploited remotely?
Yes, CVE-2014-0586 can be exploited remotely as it allows attackers to execute arbitrary code.
What should I do if I cannot update due to compatibility issues with CVE-2014-0586?
If you cannot update due to compatibility issues, consider disabling Adobe Flash Player until a secure version compatible with your system is available.

agent/references
agent/type
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/severity
agent/remedy
agent/weakness
agent/author
agent/description
agent/event
agent/first-publish-date
agent/source
agent/softwarecombine
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/adobe
canonical/macromedia flash player
version/macromedia flash player/13.0
version/macromedia flash player/14.0
version/macromedia flash player/14.0.0.179
version/macromedia flash player/15.0
vendor/apple
canonical/apple ios and macos
vendor/microsoft
canonical/microsoft windows operating system
version/macromedia flash player/11.0
vendor/linux
canonical/linux kernel
canonical/adobe air
version/adobe air/15.0.0.356
canonical/adobe
version/adobe/15.0.0.356
canonical/adobe air sdk & compiler