CVE-2014-0515
Buffer overflow in Adobe Flash Player before 11.7.700.279 and 11.8.x through 13.0.x before 13.0.0.206 on Windows and OS X, and before 11.2.202.356...
Basic Information
- CVE State
- PUBLISHED
- Reserved Date
- December 20, 2013
- Published Date
- April 29, 2014
- Last Updated
- August 06, 2024
- Vendor
- Adobe
- Product
- Flash Player
- Description
- Buffer overflow in Adobe Flash Player before 11.7.700.279 and 11.8.x through 13.0.x before 13.0.0.206 on Windows and OS X, and before 11.2.202.356 on Linux, allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in April 2014.
- Tags
- Exploited in the Wild
- Yes (2014-04-29 10:00:00 UTC) Source
windows
linux
metasploit_scanner
CVSS Scores
CVSS v2.0
10.0
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Exploit Status
References
http://www.securityfocus.com/bid/67092
http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00017.html
http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00000.html
http://security.gentoo.org/glsa/glsa-201405-04.xml
http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00001.html
http://rhn.redhat.com/errata/RHSA-2014-0447.html
http://www.securitytracker.com/id/1030155
http://helpx.adobe.com/security/products/flash-player/apsb14-13.html
Known Exploited Vulnerability Information
| Source | Added Date |
|---|---|
| CVE | 2014-04-29 10:00:00 UTC |
Scanner Integrations
| Scanner | URL | Date Detected |
|---|---|---|
| Metasploit | https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/browser/adobe_flash_pixel_bender_bof.rb | 2025-04-29 11:01:19 UTC |
Potential Proof of Concepts
Warning: These PoCs have not been tested and could contain malware. Use at your own risk.
adobe_flash_pixel_bender_bof
Type: metasploit • Created: Unknown
Metasploit module for CVE-2014-0515
Timeline
-
CVE ID Reserved
-
CVE Published to Public
-
Added to KEVIntel
-
Detected by Metasploit