Flash Player For Mac <= 188.8.131.52 Multiple Vulnerabilities (APSB14-27)
High Nessus Plugin ID 79837
SynopsisThe remote Mac OS X host has a browser plugin that is affected by multiple vulnerabilities.
DescriptionAccording to its version, the installation of Adobe Flash Player installed on the remote Mac OS X host is equal or prior to 184.108.40.206.
It is, therefore, affected by the following vulnerabilities :
- A security bypass vulnerability that allows an attacker to bypass the same-origin policy. (CVE-2014-0580)
- Multiple memory corruption vulnerabilities that allow an attacker to execute arbitrary code. (CVE-2014-0587, CVE-2014-9164)
- A use-after-free vulnerability that can result in arbitrary code execution. (CVE-2014-8443)
- An unspecified information disclosure vulnerability.
- A stack-based buffer overflow vulnerability that can be exploited to execute arbitrary code or elevate privileges. (CVE-2014-9163)
SolutionUpgrade to Adobe Flash Player version 220.127.116.11 or later.
Alternatively, Adobe has made version 18.104.22.1689 available for those installations that cannot be upgraded to 16.x.