Summary
This host is installed with Adobe Flash Player and is prone to arbitrary code execution vulnerability.
Impact
Successful exploitation will allow attackers to, execute arbitrary code and cause buffer overflow.
Impact Level: System/Application
Solution
Update to Adobe Flash Player version 11.7.700.261 or 12.0.0.44 or later, For updates refer to http://get.adobe.com/flashplayer
Insight
Flaw is due to an integer underflow condition that is triggered as unspecified user-supplied input is not properly validated.
Affected
Adobe Flash Player versions before 11.7.700.261 and 11.8.x through 12.0.x before 12.0.0.44 on Mac OS X
Detection
Get the installed version with the help of detect NVT and check the version is vulnerable or not.
References
Severity
Classification
-
CVE CVE-2014-0497 -
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Adobe AIR Multiple Vulnerabilities -01 April 13 (Windows)
- Adobe Acrobat and Reader Multiple Vulnerabilities -Oct10 (Windows)
- Adobe Flash Player Arbitrary Code Execution Vulnerability - 01 Feb14 (Mac OX S)
- Adobe AIR Multiple Vulnerabilities-01 Jun14 (Windows)
- Adobe AIR Multiple Vulnerabilities-01 Dec13 (Mac OS X)