Home

CVE-2014-0531

Description

Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows and OS X and before 11.2.202.378 on Linux, Adobe AIR before 14.0.0.110, Adobe AIR SDK before 14.0.0.110, and Adobe AIR SDK & Compiler before 14.0.0.110 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2014-0532 and CVE-2014-0533.

Risk Information

Base Score
6.1
MODERATE
Vector
AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS Score
Exploitation Probability
1.011

Associated Vulnerability

VulnerabilityOS Platform
Upgrade Adobe Air 13.0.0.83 to latest versionWindows
Upgrade Adobe flash player 13.0.0.214 to latest versionWindows
Multiple vulnerabilities affected in Adobe AIR 13.0.0.83Windows
Multiple vulnerabilities affected in Adobe Flash Player Plugin 13.0.0.214Windows
Multiple vulnerabilities affected in Adobe Flash Player PPAPI 13.0.0.214Windows
Multiple Vulnerabilities are affected in Adobe AIR 13.0.0.111Mac
Multiple Vulnerabilities are affected in Adobe AIR 13.0.0.83Mac
Multiple Vulnerabilities are affected in Adobe AIR For Mac 13.0.0.111Mac
Multiple Vulnerabilities are affected in Adobe AIR For Mac 13.0.0.83Mac

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-601945Update for Adobe AIR For Mac (32.0.0.125) (Deployment-Only)
PATCH-601945Update for Adobe AIR For Mac (32.0.0.125) (Deployment-Only)
PATCH-601945Update for Adobe AIR For Mac (32.0.0.125) (Deployment-Only)
PATCH-601945Update for Adobe AIR For Mac (32.0.0.125) (Deployment-Only)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234