Flash Player < 11.7.700.279 / 18.104.22.168 Buffer Overflow (APSB14-13)
High Nessus Network Monitor Plugin ID 8805
SynopsisThe remote host is running an outdated version of Adobe Flash Player for Internet Explorer that is affected by a buffer overflow vulnerability.
DescriptionVersions of Adobe Flash player prior to 11.7.700.279 / 22.214.171.124 are outdated and thus unpatched for an overflow condition in the pixel bender component. The issue is triggered as user-supplied input is not properly validated. With a specially crafted SWF file, a context-dependent attacker can cause a buffer overflow, resulting in a denial of service or potentially allowing the execution of arbitrary code. (CVE-2014-0515)
SolutionUpgrade to Adobe Flash Player version 126.96.36.199 or later. If 13.x cannot be obtained, 11.7.700.279 has also been patched for this vulnerability.