Adobe Flash Player Multiple Vulnerabilities(APSB14-27)- 02 Dec14 (Mac OS X) Network Vulnerability

Summary

This host is installed with Adobe Flash Player and is prone to multiple vulnerabilities.

Impact

Successful exploitation will allow attackers to cause a stack-based buffer overflow, potentially allowing the execution of arbitrary code. Impact Level: System/Application

Solution

Upgrade to Adobe Flash Player version 13.0.0.259 or 15.0.0.246 or 16.0.0.235 or later. For updates refer to http://get.adobe.com/flashplayer

Insight

The flaw exists due to an error when the 'parseFloat' function is called on a specific datatype.

Affected

Adobe Flash Player version before 13.0.0.259, 14.x and 15.x before 15.0.0.246 and 16.x before 16.0.0.235 on Mac OS X

Detection

Get the installed version with the help of detect NVT and check the version is vulnerable or not.

References

http://helpx.adobe.com/security/products/flash-player/apsb14-27.html
http://osvdb.org/115560
http://secunia.com/advisories/61094

Updated on 2015-03-25

Severity

Classification

CVE CVE-2014-9163
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Adobe Acrobat Multiple Vulnerabilities - Mac OS X
Active Perl Locale::Maketext Module Multiple Code Injection Vulnerabilities (Windows)
Adobe AIR Code Execution and DoS Vulnerabilities Nov13 (Windows)
Adobe AIR Multiple Vulnerabilities-01 Jun14 (Mac OS X)
Adobe Acrobat Multiple Vulnerabilities - Windows

Take action and discover your vulnerabilities