CVE-2014-0518

Adobe Flash Player before 13.0.0.214 on Windows and OS X and before 11.2.202.359 on Linux, Adobe AIR SDK before 13.0.0.111, and Adobe AIR SDK & Compiler before 13.0.0.111 allow attackers to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2014-0517, CVE-2014-0519, and CVE-2014-0520.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
adobeCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 82%
VendorProductVersion
adobeflash_player
13.0 ≤
𝑥
< 13.0.0.214
adobeflash_player
11.0 ≤
𝑥
< 11.2.202.359
adobeadobe_air
𝑥
< 13.0.0.111
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
adobe-flashplugin
trusty
Fixed 11.2.202.359-0trusty1
released
saucy
Fixed 11.2.202.359-0saucy1
released
quantal
Fixed 11.2.202.359-0quantal1
released
precise
Fixed 11.2.202.359-0precise1
released
lucid
ignored
flashplugin-nonfree
trusty
Fixed 11.2.202.359ubuntu0.14.04.1
released
saucy
Fixed 11.2.202.359ubuntu0.13.10.1
released
quantal
Fixed 11.2.202.359ubuntu0.12.10.1
released
precise
Fixed 11.2.202.359ubuntu0.12.04.1
released
lucid
ignored
Common Weakness Enumeration
References
http://helpx.adobe.com/security/products/flash-player/apsb14-14.html
http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00008.html
http://lists.opensuse.org/opensuse-updates/2014-05/msg00051.html
http://rhn.redhat.com/errata/RHSA-2014-0496.html
http://security.gentoo.org/glsa/glsa-201406-08.xml
http://helpx.adobe.com/security/products/flash-player/apsb14-14.html
http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00008.html
http://lists.opensuse.org/opensuse-updates/2014-05/msg00051.html
http://rhn.redhat.com/errata/RHSA-2014-0496.html
http://security.gentoo.org/glsa/glsa-201406-08.xml