Flash Player <= 11.7.700.261 / 184.108.40.206 Multiple Vulnerabilities (APSB14-07)
High Nessus Plugin ID 72606
SynopsisThe remote Windows host has a browser plugin that is affected by multiple vulnerabilities.
DescriptionAccording to its version, the instance of Flash Player installed on the remote Windows host is equal or prior to 11.7.700.261 / 11.8.x / 11.9.x / 220.127.116.11. It is, therefore, potentially affected multiple vulnerabilities :
- A stack overflow vulnerability exists that could result in arbitrary code execution. (CVE-2014-0498)
- A memory leak vulnerability exists that could be used to aid in buffer overflow attacks by bypassing address space layout randomization (ASLR). (CVE-2014-0499)
- A double free vulnerability exists that could result in arbitrary code execution. (CVE-2014-0502)
SolutionUpgrade to Adobe Flash Player version 11.7.700.269 / 18.104.22.168 or later.