Flash Player <= 188.8.131.52 Multiple Vulnerabilities (APSB14-18)
High Nessus Plugin ID 77172
SynopsisThe remote Windows host has a browser plugin that is affected by multiple vulnerabilities.
DescriptionAccording to its version, the instance of Flash Player installed on the remote Windows host is equal or prior to 184.108.40.206. It is, therefore, affected by the following vulnerabilities :
- A use-after-free error exists that allows code execution. (CVE-2014-0538)
- An unspecified security bypass error exists.
- Multiple errors exist related to memory leaks that can be used to bypass memory address randomization.
(CVE-2014-0540, CVE-2014-0542, CVE-2014-0543, CVE-2014-0544, CVE-2014-0545)
SolutionUpgrade to Adobe Flash Player version 220.127.116.11 (Internet Explorer), 18.104.22.168 (Firefox / Netscape / Opera), or 22.214.171.124 (Chrome) or later.
Alternatively, Adobe has made version 126.96.36.199 available for those installations that cannot be upgraded to 14.x.