CVE-2014-0498
EXPLOITEDAdobe Flash Player <11.7.700.269-12.0.0.70 - Buffer Overflow
Title source: llmExploitation Summary
CVE-2014-0498 has been observed exploited in the wild (reported by VulnCheck KEV).
Description
Stack-based buffer overflow in Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x before 12.0.0.70 on Windows and Mac OS X and before 11.2.202.341 on Linux, Adobe AIR before 4.0.0.1628 on Android, Adobe AIR SDK before 4.0.0.1628, and Adobe AIR SDK & Compiler before 4.0.0.1628 allows attackers to execute arbitrary code via unspecified vectors.
References (6)
Core 6
Core References
Mailing List, Third Party Advisory vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00015.html
Third Party Advisory vendor-advisory
x_refsource_gentoo
http://security.gentoo.org/glsa/glsa-201405-04.xml
Patch, Vendor Advisory x_refsource_confirm
http://helpx.adobe.com/security/products/flash-player/apsb14-07.html
Third Party Advisory vendor-advisory
x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2014-0196.html
Mailing List, Third Party Advisory vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00017.html
Mailing List, Third Party Advisory vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00014.html
Scores
EPSS
0.0722
EPSS Percentile
93.6%
Details
VulnCheck KEV
2019-12-26
CWE
CWE-119
Status
published
Products (3)
adobe/adobe_air
< 4.0.0.1628
adobe/adobe_air_sdk
< 4.0.0.1628
adobe/flash_player
11.0 - 11.7.700.269
Published
Feb 21, 2014
Tracked Since
Feb 18, 2026