Flash Player < Multiple Vulnerabilities (APSB14-08)

Medium Nessus Network Monitor Plugin ID 8157


The remote host has a browser plugin that is affected by multiple vulnerabilities.


Versions of Adobe Flash Player prior to (or 11.7.700.272 for Linux users) are outdated and thus unpatched for the following vulnerabilities :

- A same origin policy bypass vulnerability (CVE-2014-0503).
- Clipboard content access by an unauthorized, context-dependent attacker (CVE-2014-0504).


Upgrade to (or 11.7.700.272 for users of older versions of Windows or OS X, who cannot upgrade to the latest major version), or later. Users of the Chrome browser should update their browser to version 33.0.1750.149, which will include the latest fix.

See Also


Plugin Details

Severity: Medium

ID: 8157

File Name: 8157.prm

Family: Web Clients

Published: 2013/03/13

Modified: 2016/01/21

Dependencies: 5158

Nessus ID: 72938

Risk Information

Risk Factor: Medium


Base Score: 4.3

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C


Base Score: 5.3

Temporal Score: 5.1


Temporal Vector: CVSS3#E:X/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:adobe:flash_player

Patch Publication Date: 2014/03/11

Vulnerability Publication Date: 2014/03/11

Reference Information

CVE: CVE-2014-0503, CVE-2014-0504

BID: 66122, 66127

OSVDB: 104318, 104319