Adobe AIR < 4.0.0.1390 Multiple Vulnerabilities (APSB14-02)

High Nessus Network Monitor Plugin ID 8106

Synopsis

The remote host is running an outdated version of Adobe AIR.

Description

Versions of Adobe AIR earlier than 4.0.0.1390 are unpatched for the following vulnerabilities :

- A flaw exists when requesting sites using 'jar:' URIs that enables a context-dependent attacker to bypass 'AllowScriptAccess=never' security protection mechanisms. No further details have been provided by the vendor. (CVE-2014-0491)
- A flaw exists in the ActionScript Virtual Machine. The issue is due to the AVM not properly sanitizing values before jumping to them. An attacker can use this issue to leak addresses from 'Flash.ocx' within the current process, making exploitation of issues considerably easier. (CVE-2014-0492)

Solution

Upgrade to Adobe AIR 4.0.0.1390 or later.

See Also

http://helpx.adobe.com/security/products/flash-player/apsb14-02.html

http://www.zerodayinitiative.com/advisories/ZDI-14-014

Plugin Details

Severity: High

ID: 8106

Family: Web Clients

Published: 2014/02/10

Updated: 2019/03/06

Dependencies: 4759

Nessus ID: 71951

Risk Information

Risk Factor: High

CVSS v2.0

Base Score: 9.3

Temporal Score: 7.7

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

CVSS v3.0

Base Score: 8.1

Temporal Score: 7.5

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:adobe:air

Patch Publication Date: 2014/01/14

Vulnerability Publication Date: 2014/01/14

Reference Information

CVE: CVE-2014-0491, CVE-2014-0492

BID: 64810, 64807