Revision Date: | 2015-08-03 | Version: | 43 |
Title: | Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows (CVE-2014-0532) |
Description: | Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows and OS X and before 11.2.202.378 on Linux, Adobe AIR before 14.0.0.110, Adobe AIR SDK before 14.0.0.110, and Adobe AIR SDK & Compiler before 14.0.0.110 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2014-0531 and CVE-2014-0533. |
Family: | windows | Class: | vulnerability |
Status: | ACCEPTED | Reference(s): | CVE-2014-0532
|
Platform(s): | Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Vista Microsoft Windows XP
| Product(s): | Adobe AIR Adobe Flash Player
|
Definition Synopsis |
Check the version of Adobe Flash Player 13 Adobe Flash Player 13 is installed
AND Determine if the version of Adobe Flash Player is less than or equal 13.0.0.214
Determine if the version of Adobe Flash Player is less than or equal 13.0.0.214
OR Determine if the version of Adobe Air is less than or equal 13.0.0.111
Adobe AIR is installed
AND Determine if the version of Adobe Air is less 13.0.0.111
OR Flash.ocx section
ActiveX Control is installed
AND Determine if the version of Flash.ocx is less than or equal 13.0.0.214
|