CVE-2014-0564 — HIGH (10.0)

Q: How severe is CVE-2014-0564?

CVE-2014-0564 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2014-0564?

Check the references section above for vendor advisories and patch information. Affected products include: Adobe Flash Player, Linux Linux Kernel, Apple Macos, Microsoft Windows, Microsoft Windows 8.

Vulnerability Description

Adobe Flash Player before 13.0.0.250 and 14.x and 15.x before 15.0.0.189 on Windows and OS X and before 11.2.202.411 on Linux, Adobe AIR before 15.0.0.293, Adobe AIR SDK before 15.0.0.302, and Adobe AIR SDK & Compiler before 15.0.0.302 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0558.

CVSS Score

10.0

HIGH

AV:N/AC:L/Au:N/C:C/I:C/A:C

Confidentiality

COMPLETE

Integrity

COMPLETE

Availability

COMPLETE

Affected Products

Vendor	Product	Versions
Adobe	Flash Player	<= 11.2.202.406
Linux	Linux Kernel	-
Apple	Macos	-
Microsoft	Windows	-
Microsoft	Windows 8	-
Microsoft	Windows 8.1	-
Adobe	Flash Player Desktop Runtime	<= 15.0.0.167
Adobe	Air Desktop Runtime	<= 15.0.0.249
Adobe	Air Sdk	<= 15.0.0.249
Apple	Iphone Os	-
Google	Android	-
Opensuse	Evergreen	11.4
Opensuse	Opensuse	12.3
Suse	Linux Enterprise Desktop	11

References

http://helpx.adobe.com/security/products/flash-player/apsb14-22.htmlPatchVendor Advisory
http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00002.htmlMailing ListThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00013.htmlMailing ListThird Party Advisory
http://lists.opensuse.org/opensuse-updates/2014-10/msg00033.htmlMailing ListThird Party Advisory
http://rhn.redhat.com/errata/RHSA-2014-1648.htmlBroken Link
http://secunia.com/advisories/61980Third Party Advisory
http://www.securitytracker.com/id/1031019Third Party AdvisoryVDB Entry
http://helpx.adobe.com/security/products/flash-player/apsb14-22.htmlPatchVendor Advisory
http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00002.htmlMailing ListThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00013.htmlMailing ListThird Party Advisory
http://lists.opensuse.org/opensuse-updates/2014-10/msg00033.htmlMailing ListThird Party Advisory
http://rhn.redhat.com/errata/RHSA-2014-1648.htmlBroken Link
http://secunia.com/advisories/61980Third Party Advisory
http://www.securitytracker.com/id/1031019Third Party AdvisoryVDB Entry

FAQ

What is CVE-2014-0564?

CVE-2014-0564 is a vulnerability with a CVSS score of 10.0 (HIGH). Adobe Flash Player before 13.0.0.250 and 14.x and 15.x before 15.0.0.189 on Windows and OS X and before 11.2.202.411 on Linux, Adobe AIR before 15.0.0.293, Adobe AIR SDK before 15.0.0.302, and Adobe A...

How severe is CVE-2014-0564?

CVE-2014-0564 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2014-0564?

Check the references section above for vendor advisories and patch information. Affected products include: Adobe Flash Player, Linux Linux Kernel, Apple Macos, Microsoft Windows, Microsoft Windows 8.