Adobe AIR Security Bypass Vulnerability Jan14 (Windows) Network Vulnerability

Summary

This host is installed with Adobe AIR and is prone to security bypass vulnerability.

Impact

Successful exploitation will allow attackers to, bypass certain security restrictions and disclose certain memory informations. Impact Level: System/Application

Solution

Update to Adobe AIR version 4.0.0.1390 or later, For updates refer to http://get.adobe.com/air

Insight

Flaw is due to an unspecified error and other additional weakness.

Affected

Adobe AIR version before 4.0.0.1390 on Windows.

Detection

Get the installed version with the help of detect NVT and check the version is vulnerable or not.

References

http://helpx.adobe.com/security/products/flash-player/apsb14-02.html
http://secunia.com/advisories/56267
http://www.osvdb.com/101982
http://www.osvdb.com/101983

Updated on 2015-03-25

Severity

Classification

CVE CVE-2014-0491, CVE-2014-0492
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Adobe Acrobat Multiple Vulnerabilities - 01 Jan14 (Mac OS X)
Adobe Acrobat and Reader PDF Handling Multiple Vulnerabilities (Linux)
Adobe Acrobat Multiple Unspecified Vulnerabilities -01 Feb13 (Mac OS X)
Active Perl Locale::Maketext Module Multiple Code Injection Vulnerabilities (Windows)
Adobe Acrobat Sandbox Bypass Vulnerability - Aug14 (Windows)

Take action and discover your vulnerabilities