Adobe AIR Security Bypass Vulnerability Jan14 (Windows) Network Vulnerability

Summary

This host is installed with Adobe AIR and is prone to security bypass vulnerability.

Impact

Successful exploitation will allow attackers to, bypass certain security restrictions and disclose certain memory informations. Impact Level: System/Application

Solution

Update to Adobe AIR version 4.0.0.1390 or later, For updates refer to http://get.adobe.com/air

Insight

Flaw is due to an unspecified error and other additional weakness.

Affected

Adobe AIR version before 4.0.0.1390 on Windows.

Detection

Get the installed version with the help of detect NVT and check the version is vulnerable or not.

References

http://helpx.adobe.com/security/products/flash-player/apsb14-02.html
http://secunia.com/advisories/56267
http://www.osvdb.com/101982
http://www.osvdb.com/101983

Updated on 2015-03-25

Severity

Classification

CVE CVE-2014-0491, CVE-2014-0492

CVSS	Base Score: 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Adobe AIR Multiple Vulnerabilities-01 Dec13 (Windows)
Adobe Flash Player Code Execution and DoS Vulnerabilities (Linux)
Adobe Flash Player 'SWF' File Multiple Code Execution Vulnerability - Mac OS X
Adobe Acrobat Out-of-bounds Vulnerability Feb15 (Mac OS X)
Adobe AIR Multiple Vulnerabilities-01 Sep13 (Mac OS X)

Take action and discover your vulnerabilities