Flash Player < 18.104.22.168 Multiple Vulnerabilities (APSB14-21)
High Nessus Network Monitor Plugin ID 8375
SynopsisThe remote host has a browser plugin that is affected by multiple vulnerabilities.
DescriptionVersions of Flash player earlier than 22.214.171.124 are unpatched for the following vulnerabilities:
- Unspecified memory corruption issues exist that allow arbitrary code execution. (CVE-2014-0547, CVE-2014-0549, CVE-2014-0550, CVE-2014-0551, CVE-2014-0552, CVE-2014-0555)
- An unspecified error exists that allows cross-origin policy violations. (CVE-2014-0548)
- A use-after-free error exists that allows arbitrary code execution. (CVE-2014-0553)
- An unspecified error exists that allows an unspecified security bypass. (CVE-2014-0554)
- Unspecified errors exist that allow memory leaks leading to easier defeat of memory address randomization. (CVE-2014-0557)
- Heap-based buffer overflow errors exist that allow arbitrary code execution. (CVE-2014-0556, CVE-2014-0559)
SolutionUpgrade to 126.96.36.199 or later. Users of Internet Explorer 10 and 11 should be automatically updated to the latest version.