CVE-2014-0569
82Vexday Risk Score
Patch now. It exploitation observed by VulnCheck and has a working public exploit.
ssvc Actepss 90%
from disclosure to weapon180 days
Published on NVDOct 15
1st PoC+180d
metasploitOct 14
VulnCheck+790d
exploitation probability
90%top 1% of all CVEs
observed exploitation
yesVulnCheck
1 public exploit(s)
Integer overflow in Adobe Flash Player before 13.0.0.250 and 14.x and 15.x before 15.0.0.189 on Windows and OS X and before 11.2.202.411 on Linux, Adobe AIR before 15.0.0.293, Adobe AIR SDK before 15.0.0.302, and Adobe AIR SDK & Compiler before 15.0.0.302 allows attackers to execute arbitrary code via unspecified vectors.
Affected products
n/a · n/apublic PoCs found — 1
exploitdbwww.exploit-db.com/exploits/36744unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
References
http://helpx.adobe.com/security/products/flash-player/apsb14-22.htmlhttp://lists.opensuse.org/opensuse-security-announce/2014-11/msg00002.htmlhttp://lists.opensuse.org/opensuse-security-announce/2015-04/msg00013.htmlhttp://lists.opensuse.org/opensuse-updates/2014-10/msg00033.htmlhttp://rhn.redhat.com/errata/RHSA-2014-1648.htmlhttp://secunia.com/advisories/61980http://www.securityfocus.com/bid/70441http://www.securitytracker.com/id/1031019http://www.zerodayinitiative.com/advisories/ZDI-14-365/