Adobe AIR <= AIR 188.8.131.52 Multiple Vulnerabilities (APSB14-21)
High Nessus Plugin ID 77576
SynopsisThe remote Windows host contains a version of Adobe AIR that is affected by multiple vulnerabilities.
DescriptionAccording to its version, the installation of Adobe AIR on the remote Windows host is equal or prior to 184.108.40.206. It is, therefore, affected by the following vulnerabilities :
- Unspecified memory corruption issues exist that allow arbitrary code execution. (CVE-2014-0547, CVE-2014-0549, CVE-2014-0550, CVE-2014-0551, CVE-2014-0552, CVE-2014-0555)
- An unspecified error exists that allows cross-origin policy violations. (CVE-2014-0548)
- A use-after-free error exists that allows arbitrary code execution. (CVE-2014-0553)
- An unspecified error exists that allows an unspecified security bypass. (CVE-2014-0554)
- Unspecified errors exist that allow memory leaks leading to easier defeat of memory address randomization.
- Heap-based buffer overflow errors exist that allow arbitrary code execution. (CVE-2014-0556, CVE-2014-0559)
SolutionUpgrade to Adobe AIR 220.127.116.11 or later.