Adobe Flash Player Multiple Vulnerabilities(APSB14-27)- 01 Dec14 (Windows) Network Vulnerability

Summary

This host is installed with Adobe Flash Player and is prone to multiple vulnerabilities.

Impact

Successful exploitation will allow attackers to disclose potentially sensitive information, bypass certain security restrictions, and compromise a user's system. Impact Level: System/Application

Solution

Upgrade to Adobe Flash Player version 13.0.0.259 or 16.0.0.235 or later. For updates refer to http://get.adobe.com/flashplayer

Insight

Multiple Flaws are due to, - An out-of-bounds read error when handling Regular Expression Objects. - Some unspecified errors. - A use-after-free error.

Affected

Adobe Flash Player version before 13.0.0.259, 14.x through 16.x before 16.0.0.235 on Windows

Detection

Get the installed version with the help of detect NVT and check the version is vulnerable or not.

References

http://helpx.adobe.com/security/products/flash-player/apsb14-27.html
http://osvdb.org/115558
http://secunia.com/advisories/61094

Updated on 2015-03-25

Severity

Classification

CVE CVE-2014-0580, CVE-2014-0587, CVE-2014-8443, CVE-2014-9162, CVE-2014-9164

CVSS	Base Score: 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Adobe AIR Multiple Vulnerabilities-01 Sep13 (Windows)
Adobe Acrobat Unspecified vulnerability
Adobe AIR Multiple Vulnerabilities-01 Jun14 (Mac OS X)
Adobe Acrobat and Reader PDF Handling Code Execution Vulnerability (Linux)
Adobe Acrobat Multiple Vulnerabilities-01 Dec14 (Mac OS X)

Take action and discover your vulnerabilities