ALT-PU-2014-2389-1
Package adobe-flash-player updated to version 11-alt36 for branch p7 in task 135511.
Closed vulnerabilities
Published: 2014-10-14
BDU:2021-04944
Уязвимость программных платформ Adobe Flash Player, Adobe Integrated Runtime (AIR), Adobe AIR SDK и Adobe AIR SDK & Compiler, связанная с выходом операции за границы буфера, позволяющая нарушителю выполнить произвольный код или вызывать отказ в обслуживании
Severity: CRITICAL (9.8)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
References:
Published: 2014-11-26
Modified: 2025-02-14
Modified: 2025-02-14
CVE-2014-8439
Adobe Flash Player before 13.0.0.258 and 14.x and 15.x before 15.0.0.239 on Windows and OS X and before 11.2.202.424 on Linux, Adobe AIR before 15.0.0.293, Adobe AIR SDK before 15.0.0.302, and Adobe AIR SDK & Compiler before 15.0.0.302 allow attackers to execute arbitrary code or cause a denial of service (invalid pointer dereference) via unspecified vectors.
Severity: CRITICAL (10.0)
References:
- http://helpx.adobe.com/security/products/flash-player/apsb14-22.html
- http://helpx.adobe.com/security/products/flash-player/apsb14-22.html
- http://helpx.adobe.com/security/products/flash-player/apsb14-26.html
- http://helpx.adobe.com/security/products/flash-player/apsb14-26.html
- openSUSE-SU-2014:1508
- openSUSE-SU-2014:1508
- SUSE-SU-2014:1545
- SUSE-SU-2014:1545
- openSUSE-SU-2014:1562
- openSUSE-SU-2014:1562
- RHSA-2014:1915
- RHSA-2014:1915
- 60217
- 60217
- 71289
- 71289
- 1031259
- 1031259
- adobe-flash-cve20148439-code-exec(98932)
- adobe-flash-cve20148439-code-exec(98932)
- https://www.f-secure.com/weblog/archives/00002768.html
- https://www.f-secure.com/weblog/archives/00002768.html