CVE-2014-0506 in Adobe Flash Playerinfo

Summary

Use-after-free vulnerability in Adobe Flash Player before 11.7.700.275 and 11.8.x through 13.0.x before 13.0.0.182 on Windows and OS X and before 11.2.202.350 on Linux, Adobe AIR before 13.0.0.83 on Android, Adobe AIR SDK before 13.0.0.83, and Adobe AIR SDK & Compiler before 13.0.0.83 allows remote attackers to execute arbitrary code, and possibly bypass an Internet Explorer sandbox protection mechanism, via unspecified vectors, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2014.

Reservation

12/20/2013

Disclosure

03/27/2014

Entries

VulDB provides additional information and datapoints for this CVE:

IDVulnerabilityCWEExpCouCVE
12721Adobe Flash Player resource management399Proof-of-ConceptOfficial fixCVE-2014-0506
12720Adobe Flash Player resource management399Proof-of-ConceptOfficial fixCVE-2014-0506

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

PreviousOverviewNext

Want to know what is going to be exploited?

We predict KEV entries!