CVE-2014-0498

EXPLOITED

Adobe Flash Player <11.7.700.269-12.0.0.70 - Buffer Overflow

Title source: llm
STIX 2.1

Exploitation Summary

CVE-2014-0498 has been observed exploited in the wild (reported by VulnCheck KEV).

Description

Stack-based buffer overflow in Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x before 12.0.0.70 on Windows and Mac OS X and before 11.2.202.341 on Linux, Adobe AIR before 4.0.0.1628 on Android, Adobe AIR SDK before 4.0.0.1628, and Adobe AIR SDK & Compiler before 4.0.0.1628 allows attackers to execute arbitrary code via unspecified vectors.

References (6)

Core 6
Core References
Mailing List, Third Party Advisory vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00015.html
Third Party Advisory vendor-advisory x_refsource_gentoo
http://security.gentoo.org/glsa/glsa-201405-04.xml
Third Party Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2014-0196.html
Mailing List, Third Party Advisory vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00017.html
Mailing List, Third Party Advisory vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00014.html

Scores

EPSS 0.0722
EPSS Percentile 93.6%

Details

VulnCheck KEV 2019-12-26
CWE
CWE-119
Status published
Products (3)
adobe/adobe_air < 4.0.0.1628
adobe/adobe_air_sdk < 4.0.0.1628
adobe/flash_player 11.0 - 11.7.700.269
Published Feb 21, 2014
Tracked Since Feb 18, 2026