Adobe Flash Player Multiple Vulnerabilities(APSB14-27)- 02 Dec14 (Windows) Network Vulnerability

Summary

This host is installed with Adobe Flash Player and is prone to multiple vulnerabilities.

Impact

Successful exploitation will allow attackers to cause a stack-based buffer overflow, potentially allowing the execution of arbitrary code. Impact Level: System/Application

Solution

Upgrade to Adobe Flash Player version 13.0.0.259 or 15.0.0.246 or 16.0.0.235 or later. For updates refer to http://get.adobe.com/flashplayer

Insight

The flaw exists due to an error when the 'parseFloat' function is called on a specific datatype.

Affected

Adobe Flash Player version before 13.0.0.259, 14.x and 15.x before 15.0.0.246 and 16.x before 16.0.0.235 on Windows

Detection

Get the installed version with the help of detect NVT and check the version is vulnerable or not.

References

http://helpx.adobe.com/security/products/flash-player/apsb14-27.html
http://osvdb.org/115560
http://secunia.com/advisories/61094

Updated on 2015-03-25

Severity

Classification

CVE CVE-2014-9163
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Adobe Acrobat Multiple Unspecified Vulnerabilities-01 Sep13 (Windows)
Adobe Air Multiple Vulnerabilities - December12 (Windows)
Adobe Acrobat and Reader PDF Handling Multiple Vulnerabilities (Linux)
Adobe Acrobat Multiple Vulnerabilities -01 Jan 13 (Windows)
Adobe Air Remote Code Execution Vulnerability -June13 (Mac OS X)

Take action and discover your vulnerabilities