Oval Definition:oval:org.mitre.oval:def:24795
Revision Date:2015-08-03Version:43
Title:Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows (CVE-2014-0532)
Description:Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows and OS X and before 11.2.202.378 on Linux, Adobe AIR before 14.0.0.110, Adobe AIR SDK before 14.0.0.110, and Adobe AIR SDK & Compiler before 14.0.0.110 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2014-0531 and CVE-2014-0533.
Family:windowsClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2014-0532
Platform(s):Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows Vista
Microsoft Windows XP
Product(s):Adobe AIR
Adobe Flash Player
Definition Synopsis
  • Check the version of Adobe Flash Player 13
  • Adobe Flash Player 13 is installed
  • AND Determine if the version of Adobe Flash Player is less than or equal 13.0.0.214
  • Determine if the version of Adobe Flash Player is less than or equal 13.0.0.214
  • OR Determine if the version of Adobe Air is less than or equal 13.0.0.111
  • Adobe AIR is installed
  • AND Determine if the version of Adobe Air is less 13.0.0.111
  • OR Flash.ocx section
  • ActiveX Control is installed
  • AND Determine if the version of Flash.ocx is less than or equal 13.0.0.214
  • BACK