Strix
26.1K

CVE-2014-0508

UnknownEPSS 4.72%

Last modified

CVE-2014-0508 is a vulnerability of currently unknown severity. Adobe Flash Player before 11.7.700.275 and 11.8.x through 13.0.x before 13.0.0.182 on Windows and OS X and before 11.2.202.350 on Linux, Adobe AIR before 13.0.0.83 on Android, Adobe AIR SDK before 13.0.0.83, and Adobe AIR SDK & Compiler before 13.0.0.83 allow attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors.. EPSS estimates a 4.72% chance of exploitation in the next 30 days.

Description

Adobe Flash Player before 11.7.700.275 and 11.8.x through 13.0.x before 13.0.0.182 on Windows and OS X and before 11.2.202.350 on Linux, Adobe AIR before 13.0.0.83 on Android, Adobe AIR SDK before 13.0.0.83, and Adobe AIR SDK & Compiler before 13.0.0.83 allow attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors.

Metrics

EPSS Probability
4.72%

90.7th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
AdobeAdobe Air Sdk<= 4.0.0.1628
AdobeAdobe Air Sdk3.0.0.4080
AdobeAdobe Air Sdk3.1.0.488
AdobeAdobe Air Sdk3.2.0.2070
AdobeAdobe Air Sdk3.3.0.3650
AdobeAdobe Air Sdk3.3.0.3690
AdobeAdobe Air Sdk3.4.0.2540
AdobeAdobe Air Sdk3.4.0.2710
AdobeAdobe Air Sdk3.5.0.600
AdobeAdobe Air Sdk3.5.0.880
AdobeAdobe Air Sdk3.5.0.890
AdobeAdobe Air Sdk3.5.0.1060
AdobeAdobe Air Sdk3.6.0.599
AdobeAdobe Air Sdk3.6.0.6090
AdobeAdobe Air Sdk3.7.0.1530
AdobeAdobe Air Sdk3.7.0.1860
AdobeAdobe Air Sdk3.7.0.2090
AdobeAdobe Air Sdk3.8.0.870
AdobeAdobe Air Sdk3.8.0.910
AdobeAdobe Air Sdk3.8.0.1430
AdobeAdobe Air Sdk3.9.0.1030
AdobeAdobe Air Sdk3.9.0.1210
AdobeAdobe Air Sdk3.9.0.1380
AdobeAdobe Air Sdk4.0.0.1390
AdobeAdobe Air<= 4.0.0.1390
AdobeAdobe Air1.0
AdobeAdobe Air1.0.1
AdobeAdobe Air1.0.8.4990
AdobeAdobe Air1.0.4990
AdobeAdobe Air1.1
AdobeAdobe Air1.1.0.5790
AdobeAdobe Air1.5
AdobeAdobe Air1.5.0.7220
AdobeAdobe Air1.5.1
AdobeAdobe Air1.5.1.8210
AdobeAdobe Air1.5.2
AdobeAdobe Air1.5.3
AdobeAdobe Air1.5.3.9120
AdobeAdobe Air1.5.3.9130
AdobeAdobe Air2.0.2
AdobeAdobe Air2.0.2.12610
AdobeAdobe Air2.0.3
AdobeAdobe Air2.0.3.13070
AdobeAdobe Air2.0.4
AdobeAdobe Air2.5.0.16600
AdobeAdobe Air2.5.1.17730
AdobeAdobe Air2.6
AdobeAdobe Air2.6.0.19120
AdobeAdobe Air2.6.0.19140
AdobeAdobe Air2.7

Showing 50 of 159 affected configurations. See NVD for the full list.

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2014-0508?
Adobe Flash Player before 11.7.700.275 and 11.8.x through 13.0.x before 13.0.0.182 on Windows and OS X and before 11.2.202.350 on Linux, Adobe AIR before 13.0.0.83 on Android, Adobe AIR SDK before 13.0.0.83, and Adobe AIR SDK & Compiler before 13.0.0.83 allow attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors.
How severe is CVE-2014-0508?
Severity scoring for CVE-2014-0508 is pending analysis. The EPSS model estimates a 4.72% probability of exploitation in the next 30 days.
How do I fix CVE-2014-0508?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2014-0508?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST