CVE-2014-8443

EUVD-2014-8280
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.259 and 14.x through 16.x before 16.0.0.235 on Windows and OS X and before 11.2.202.425 on Linux allows attackers to execute arbitrary code via unspecified vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
10 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 93%
Affected Products (NVD)
VendorProductVersion
adobeflash_player
13.0 ≤
𝑥
< 13.0.0.252
adobeflash_player
14.0 ≤
𝑥
≤ 14.0.0.179
adobeflash_player
16.0 ≤
𝑥
< 16.0.0.235
adobeflash_player
11.0 ≤
𝑥
< 11.2.202.425
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
adobe-flashplugin
lucid
ignored
precise
Fixed 11.2.202.425-0precise1
released
trusty
Fixed 11.2.202.425-0trusty1
released
utopic
Fixed 11.2.202.425-0utopic1
released
flashplugin-nonfree
lucid
ignored
precise
Fixed 11.2.202.425ubuntu0.12.04.1
released
trusty
Fixed 11.2.202.425ubuntu0.14.04.1
released
utopic
Fixed 11.2.202.425ubuntu0.14.10.1
released
References
http://helpx.adobe.com/security/products/flash-player/apsb14-27.html
http://helpx.adobe.com/security/products/flash-player/apsb14-27.html