Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Adobe AIR < 13.0.0.111 Multiple Vulnerabilities (APSB14-14)

High

Synopsis

The remote host is running an outdated version of Adobe AIR.

Description

Versions of Adobe AIR earlier than 13.0.0.111 are unpatched for the following vulnerabilities :

- An overflow condition exists that is triggered as user-supplied input is not properly validated when handling display objects. This may allow a context-dependent attacker to cause a heap-based buffer overflow, allowing the execution of arbitrary code. (CVE-2014-0510) - An unspecified vulnerability exists that could be used to bypass the same origin policy. (CVE-2014-0516) - Multiple, unspecified security bypass vulnerabilities exist. (CVE-2014-0517, CVE-2014-0518, CVE-2014-0519, CVE-2014-0520)

Solution

Upgrade to Adobe AIR 13.0.0.111 or later.