← back
CVE-2014-0556

CVE-2014-0556

EPSS 84.3%◆ VulnCheck KEV
Vexday Risk Score
82Fix now
SSVC decision (CISA)
Act
Exploitation + impact → act immediately
Exploit maturity
Functional exploit
Automatable exploit available (Nuclei/Metasploit).
CVSS EPSS 84.3%KEV nãoPoC públicaNuclei Metasploit simPatch referenciado
Lifecycle
10 Sep 2014Published on NVD
23 Sep 2014Metasploit module available
21 Apr 2015Public PoC
Weaponization speed
223 daysto first PoC
13 daysto Metasploit module
Weaponized quickly — attackers prioritized this vulnerability. Patch urgently.
Recommendation: Patch as soon as possible — active exploitation confirmed.
Heap-based buffer overflow in Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-0559.
Affected products
n/a · n/a
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.