Adobe AIR < 126.96.36.199 Multiple Vulnerabilities (APSB14-21)
High Nessus Network Monitor Plugin ID 8376
SynopsisThe remote host is running an outdated version of Adobe AIR.
DescriptionVersions of Adobe AIR earlier than 188.8.131.52 are unpatched for the following vulnerabilities :
- Unspecified memory corruption issues exist that allow arbitrary code execution. (CVE-2014-0547, CVE-2014-0549, CVE-2014-0550, CVE-2014-0551, CVE-2014-0552, CVE-2014-0555)
- An unspecified error exists that allows cross-origin policy violations. (CVE-2014-0548)
- A use-after-free error exists that allows arbitrary code execution. (CVE-2014-0553)
- An unspecified error exists that allows an unspecified security bypass. (CVE-2014-0554)
- Unspecified errors exist that allow memory leaks leading to easier defeat of memory address randomization. (CVE-2014-0557)
- Heap-based buffer overflow errors exist that allow arbitrary code execution. (CVE-2014-0556, CVE-2014-0559)
SolutionUpgrade to Adobe AIR 184.108.40.206 or later.