NVD

Id
29392  
Name
CVE-2014-0499  
Description
Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x before 12.0.0.70 on Windows and Mac OS X and before 11.2.202.341 on Linux, Adobe AIR before 4.0.0.1628 on Android, Adobe AIR SDK before 4.0.0.1628, and Adobe AIR SDK & Compiler before 4.0.0.1628 do not prevent access to address information, which makes it easier for attackers to bypass the ASLR protection mechanism via unspecified vectors.  
Reject
 
CVSS Version
2  
CVSS Score
7.8  
Severity
High  
CVSS Base Score
7.8  
CVSS Impact Subscore
6.9  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:C/I:N/A:N)  
Pub Date
2017-01-19  
Published
2014-02-21  
Modified Date
2014-06-21  
Seq
2014-0499  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
155952 29392 CVE-2014-0499 http://helpx.adobe.com/security/products/flash-player/apsb14-07.html  View
155953 29392 CVE-2014-0499 openSUSE-SU-2014:0277  View
155954 29392 CVE-2014-0499 openSUSE-SU-2014:0278  View
155955 29392 CVE-2014-0499 SUSE-SU-2014:0290  View
155956 29392 CVE-2014-0499 RHSA-2014:0196  View
155957 29392 CVE-2014-0499 GLSA-201405-04  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
12566 JVNDB-2014-001441 Adobe Flash Player および Adobe AIR における ASLR 保護メカニズムを回避される脆弱性 Adobe Flash Player および Adobe AIR は、アドレス情報へのアクセスを適切に制限しないため、ASLR 保護メカニズムを回避される脆弱性が存在します。 CVE-2014-0499 67900 CVE-2014-0499 29392 7.8 http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-001441.html 2014-02-20 2014-03-13 View