CVE-2014-0497
CVE-2014-0497
In short
Adobe Flash Player contains a math error that allows attackers to run harmful code on your computer. This happens when the program subtracts numbers incorrectly, creating a security gap that can be exploited through specially crafted content.
Technical detail
An integer underflow vulnerability in Adobe Flash Player (versions before 11.7.700.261, 11.8.x-12.0.x before 12.0.0.44 on Windows/macOS, and before 11.2.202.336 on Linux) allows remote code execution via unspecified attack vectors. The vulnerability enables attackers to bypass memory protections and execute arbitrary code in the context of the affected application.
Summary generated and translated by AI from the official description.
Integer underflow in Adobe Flash Player before 11.7.700.261 and 11.8.x through 12.0.x before 12.0.0.44 on Windows and Mac OS X, and before 11.2.202.336 on Linux, allows remote attackers to execute arbitrary code via unspecified vectors.
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected products
n/a · n/apublic PoCs found — 2
cve_referencewww.exploit-db.com/exploits/33212unverifiedexploitdbwww.exploit-db.com/exploits/33212unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://googlechromereleases.blogspot.com/2014/02/stable-channel-update.htmlhttp://helpx.adobe.com/security/products/flash-player/apsb14-04.htmlhttp://lists.opensuse.org/opensuse-security-announce/2014-02/msg00000.htmlhttp://lists.opensuse.org/opensuse-security-announce/2014-02/msg00001.htmlhttp://lists.opensuse.org/opensuse-security-announce/2014-02/msg00006.htmlhttp://rhn.redhat.com/errata/RHSA-2014-0137.htmlhttp://secunia.com/advisories/56437http://secunia.com/advisories/56737http://secunia.com/advisories/56780http://secunia.com/advisories/56799http://secunia.com/advisories/56839https://exchange.xforce.ibmcloud.com/vulnerabilities/90884