Oval Definition:oval:org.mitre.oval:def:26337
Revision Date:2015-08-03Version:39
Title:Adobe Flash Player before 13.0.0.241 and 14.x before 14.0.0.176 on Windows, Adobe AIR before 14.0.0.178 on Windows do not properly restrict discovery of memory addresses, which allows attackers to bypass the ASLR protection mechanism
Description:Adobe Flash Player before 13.0.0.241 and 14.x before 14.0.0.176 on Windows and OS X and before 11.2.202.400 on Linux, Adobe AIR before 14.0.0.178 on Windows and OS X and before 14.0.0.179 on Android, Adobe AIR SDK before 14.0.0.178, and Adobe AIR SDK & Compiler before 14.0.0.178 do not properly restrict discovery of memory addresses, which allows attackers to bypass the ASLR protection mechanism via unspecified vectors, a different vulnerability than CVE-2014-0542, CVE-2014-0543, CVE-2014-0544, and CVE-2014-0545.
Family:windowsClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2014-0540
Platform(s):Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows Vista
Microsoft Windows XP
Product(s):Adobe AIR
Adobe Flash Player
Definition Synopsis
  • Check the version of Adobe Flash Player 13
  • Adobe Flash Player 13 is installed
  • AND Determine if the version of Adobe Flash Player is less than 13.0.0.241
  • OR Check the version of Adobe Flash Player 14
  • Adobe Flash Player 14 is installed
  • AND Determine if the version of Adobe Flash Player is less than 14.0.0.176
  • OR Determine if the version of Adobe Air is less than or equal 13.0.0.111
  • Adobe AIR is installed
  • AND Determine if the version of Adobe Air is less 14.0.0.178
  • OR Flash.ocx section
  • ActiveX Control is installed
  • AND Flash.ocx versions section
  • Flash.ocx 13 section
  • Determine if the version of Flash.ocx is less than 13.0.0.241
  • AND Determine if the version of Flash.ocx is greater than or equal 13.0.0.0
  • OR Flash.ocx 14 section
  • Determine if the version of Flash.ocx is less than 14.0.0.176
  • AND Determine if the version of Flash.ocx is greater than or equal 14.0.0.0
  • BACK