CVE-2014-8442CVE-2014-8442

Affected configuration(s):

cpe:/a:adobe:air:15.0.0.293
cpe:/a:adobe:air_sdk:15.0.0.302
cpe:/a:adobe:air_sdk_%26_compiler:15.0.0.302
cpe:/a:adobe:flash_player:11.2.202.411
cpe:/a:adobe:flash_player:13.0.0.250
cpe:/a:adobe:flash_player:14.0.0.176
cpe:/a:adobe:flash_player:15.0.0.189

Date published: 2014-11-11T18:55:02.783-05:00

Date last modified: 2017-09-07T21:29:23.730-04:00

CVSS Score: 7.5

Principal attack vector: NETWORK

Complexity:  LOW

Reference URL: http://helpx.adobe.com/security/products/flash-player/apsb14-24.html

Summary: Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow attackers to complete a transition from Low Integrity to Medium Integrity by leveraging incorrect permissions.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.