Home

CVE-2014-0557

Description

Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 do not properly restrict discovery of memory addresses, which allows attackers to bypass the ASLR protection mechanism via unspecified vectors.

Risk Information

Base Score
9.8
MODERATE
Vector
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
2.541

Associated Vulnerability

VulnerabilityOS Platform
Upgrade Adobe Air 14.0.0.179 to latest versionWindows
Upgrade Adobe flash player 15.0.0.144 to latest versionWindows
Multiple vulnerabilities affected in Adobe AIR 14.0.0.179Windows
Multiple vulnerabilities affected in Adobe Flash Player Plugin 15.0.0.144Windows
Multiple vulnerabilities affected in Adobe Flash Player PPAPI 15.0.0.144Windows
Multiple Vulnerabilities are affected in Adobe AIR 14.0.0.178Windows
Multiple Vulnerabilities are affected in Adobe AIR For Mac 14.0.0.137Mac
Multiple Vulnerabilities are affected in Adobe AIR 13.0.0.111Mac
Multiple Vulnerabilities are affected in Adobe AIR 13.0.0.83Mac
Multiple Vulnerabilities are affected in Adobe AIR 14.0.0.110Mac
Multiple Vulnerabilities are affected in Adobe AIR 14.0.0.137Mac
Multiple Vulnerabilities are affected in Adobe AIR For Mac 13.0.0.111Mac
Multiple Vulnerabilities are affected in Adobe AIR For Mac 13.0.0.83Mac
Multiple Vulnerabilities are affected in Adobe AIR For Mac 14.0.0.110Mac
Vulnerabilities CVE-2014-0547,CVE-2014-0556,CVE-2014-0557,CVE-2014-0558 are affected in Adobe AIR For Mac 14.0.0.178Mac

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-601945Update for Adobe AIR For Mac (32.0.0.125) (Deployment-Only)
PATCH-601945Update for Adobe AIR For Mac (32.0.0.125) (Deployment-Only)
PATCH-601945Update for Adobe AIR For Mac (32.0.0.125) (Deployment-Only)
PATCH-601945Update for Adobe AIR For Mac (32.0.0.125) (Deployment-Only)
PATCH-601945Update for Adobe AIR For Mac (32.0.0.125) (Deployment-Only)
PATCH-601945Update for Adobe AIR For Mac (32.0.0.125) (Deployment-Only)
PATCH-601945Update for Adobe AIR For Mac (32.0.0.125) (Deployment-Only)
PATCH-601945Update for Adobe AIR For Mac (32.0.0.125) (Deployment-Only)
PATCH-601945Update for Adobe AIR For Mac (32.0.0.125) (Deployment-Only)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234