CVE-2014-0500

Adobe Shockwave Player before 12.0.9.149 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0501.

CVSS v2.0 10.0 HIGH

10.0^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 10.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://helpx.adobe.com/security/products/shockwave/apsb14-06.html	Vendor Advisory
http://osvdb.org/103157
http://secunia.com/advisories/56740
http://www.securityfocus.com/bid/65490
http://www.securitytracker.com/id/1029740
https://exchange.xforce.ibmcloud.com/vulnerabilities/91007
http://helpx.adobe.com/security/products/shockwave/apsb14-06.html	Vendor Advisory
http://osvdb.org/103157
http://secunia.com/advisories/56740
http://www.securityfocus.com/bid/65490
http://www.securitytracker.com/id/1029740
https://exchange.xforce.ibmcloud.com/vulnerabilities/91007

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:adobe:shockwave_player::::::::
	cpe:2.3:a:adobe:shockwave_player:11.0.0.456:::::::*
	cpe:2.3:a:adobe:shockwave_player:11.0.3.471:::::::*
	cpe:2.3:a:adobe:shockwave_player:11.5.0.595:::::::*
	cpe:2.3:a:adobe:shockwave_player:11.5.0.596:::::::*
	cpe:2.3:a:adobe:shockwave_player:11.5.1.601:::::::*
	cpe:2.3:a:adobe:shockwave_player:11.5.2.602:::::::*
	cpe:2.3:a:adobe:shockwave_player:11.5.6.606:::::::*
	cpe:2.3:a:adobe:shockwave_player:11.5.7.609:::::::*
	cpe:2.3:a:adobe:shockwave_player:11.5.8.612:::::::*
	cpe:2.3:a:adobe:shockwave_player:11.5.9.615:::::::*
	cpe:2.3:a:adobe:shockwave_player:11.5.9.620:::::::*
	cpe:2.3:a:adobe:shockwave_player:11.5.10.620:::::::*
	cpe:2.3:a:adobe:shockwave_player:11.6.0.626:::::::*
	cpe:2.3:a:adobe:shockwave_player:11.6.1.629:::::::*
	cpe:2.3:a:adobe:shockwave_player:11.6.3.633:::::::*
	cpe:2.3:a:adobe:shockwave_player:11.6.4.634:::::::*
	cpe:2.3:a:adobe:shockwave_player:11.6.5.635:::::::*
	cpe:2.3:a:adobe:shockwave_player:11.6.6.636:::::::*
	cpe:2.3:a:adobe:shockwave_player:11.6.7.637:::::::*
	cpe:2.3:a:adobe:shockwave_player:11.6.8.638:::::::*
	cpe:2.3:a:adobe:shockwave_player:12.0.0.112:::::::*
	cpe:2.3:a:adobe:shockwave_player:12.0.2.122:::::::*
	cpe:2.3:a:adobe:shockwave_player:12.0.3.133:::::::*
	cpe:2.3:a:adobe:shockwave_player:12.0.4.144:::::::*
	cpe:2.3:a:adobe:shockwave_player:12.0.6.147:::::::*

History

21 Nov 2024, 02:02

Type	Values Removed	Values Added
References	~~() http://helpx.adobe.com/security/products/shockwave/apsb14-06.html - Vendor Advisory~~	() http://helpx.adobe.com/security/products/shockwave/apsb14-06.html - Vendor Advisory
References	~~() http://osvdb.org/103157 -~~	() http://osvdb.org/103157 -
References	~~() http://secunia.com/advisories/56740 -~~	() http://secunia.com/advisories/56740 -
References	~~() http://www.securityfocus.com/bid/65490 -~~	() http://www.securityfocus.com/bid/65490 -
References	~~() http://www.securitytracker.com/id/1029740 -~~	() http://www.securitytracker.com/id/1029740 -
References	~~() https://exchange.xforce.ibmcloud.com/vulnerabilities/91007 -~~	() https://exchange.xforce.ibmcloud.com/vulnerabilities/91007 -

Information

Published : 2014-02-12 04:50

Updated : 2024-11-21 02:02

NVD link : CVE-2014-0500

Mitre link : CVE-2014-0500

CVE.ORG link : CVE-2014-0500

JSON object : View

Products Affected

adobe

shockwave_player

CWE

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

10.0 /10