Vulnerability Name:

CVE-2014-0587 (CCN-99233)

Assigned:2013-12-20
Published:2014-12-09
Updated:2018-12-13
Summary:Adobe Flash Player before 13.0.0.259 and 14.x through 16.x before 16.0.0.235 on Windows and OS X and before 11.2.202.425 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-9164.
CVSS v3 Severity:10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Changed
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
7.4 High (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
9.3 High (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C)
6.9 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Athentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
6.8 Medium (REDHAT CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
5.0 Medium (REDHAT Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
Vulnerability Type:CWE-94
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2014-0587

Source: CCN
Type: Google Chrome Releases Web site
Admin Console Update

Source: CCN
Type: Adobe Security Bulletin APSB14-27
Security updates available for Adobe Flash Player

Source: CONFIRM
Type: Vendor Advisory
http://helpx.adobe.com/security/products/flash-player/apsb14-27.html

Source: CCN
Type: RHSA-2014-1981
Critical: flash-plugin security update

Source: CCN
Type: BID-71586
Adobe Flash Player CVE-2014-0587 Unspecified Memory Corruption Vulnerability

Source: XF
Type: UNKNOWN
adobe-flash-cve20140587-code-exec(99233)

Source: CCN
Type: Microsoft Security Advisory 2755801
Update for Vulnerabilities in Adobe Flash Player in Internet Explorer

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2014-0587

Vulnerable Configuration:Configuration 1:
  • cpe:/a:adobe:flash_player:*:*:*:*:*:*:*:* (Version >= 13.0 and < 13.0.0.259)
  • OR cpe:/a:adobe:flash_player:*:*:*:*:*:*:*:* (Version >= 14.0 and <= 16.0.0.235)
  • AND
  • cpe:/o:apple:mac_os_x:*:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows:*:*:*:*:*:*:*:*

  • Configuration 2:
  • cpe:/a:adobe:flash_player:*:*:*:*:*:*:*:* (Version >= 11.0 and < 11.2.202.425)
  • AND
  • cpe:/o:linux:linux_kernel:*:*:*:*:*:*:*:*

  • Configuration RedHat 1:
  • cpe:/a:redhat:rhel_extras:6:*:*:*:*:*:*:*

  • Configuration RedHat 2:
  • cpe:/a:redhat:rhel_extras:5:*:*:*:*:*:*:*

  • Configuration CCN 1:
  • cpe:/a:adobe:flash_player:15.0.0.239:*:*:*:*:*:*:*
  • AND
  • cpe:/o:redhat:enterprise_linux_server_supplementary:6:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_workstation_supplementary:6:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_desktop_supplementary:6:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_server_2012:*:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_8:-:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_rt:-:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_8.1:-:-:-:*:-:-:x32:*

  • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:52002
    P
    Security update for haproxy (Critical)
    2023-02-14
    oval:org.opensuse.security:def:5302
    P
    Security update for postgresql12 (Important) (in QA)
    2022-08-31
    oval:org.opensuse.security:def:5335
    P
    Security update for postgresql10 (Important)
    2022-08-26
    oval:org.opensuse.security:def:5277
    P
    Security update for the Linux Kernel (Important)
    2022-06-20
    oval:org.opensuse.security:def:20140587
    V
    CVE-2014-0587
    2022-05-20
    oval:org.opensuse.security:def:6026
    P
    Security update for xen (Moderate)
    2022-05-03
    oval:org.opensuse.security:def:5366
    P
    Security update for flac (Moderate)
    2022-03-14
    oval:org.opensuse.security:def:5353
    P
    Security update for php72 (Moderate)
    2022-02-25
    oval:org.opensuse.security:def:5344
    P
    Security update for xen (Important)
    2022-02-17
    oval:org.opensuse.security:def:6004
    P
    Security update for MozillaFirefox (Important)
    2022-01-18
    oval:org.opensuse.security:def:10711
    P
    Security update for MozillaThunderbird (Important)
    2022-01-12
    oval:org.opensuse.security:def:5168
    P
    Security update for mozilla-nss (Important)
    2021-12-06
    oval:org.opensuse.security:def:11149
    P
    Security update for tor (Moderate)
    2021-11-29
    oval:org.opensuse.security:def:5121
    P
    Security update for the Linux Kernel (Important)
    2021-09-23
    oval:org.opensuse.security:def:11127
    P
    Security update for gifsicle (Moderate)
    2021-09-13
    oval:org.opensuse.security:def:10692
    P
    Security update for ffmpeg (Important)
    2021-09-02
    oval:org.opensuse.security:def:11119
    P
    Security update for isync (Moderate)
    2021-08-23
    oval:org.opensuse.security:def:47060
    P
    libpng12-0-1.2.50-13.1 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:47864
    P
    python-cupshelpers-1.5.7-7.5 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:47124
    P
    perl-HTML-Parser-3.71-1.145 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:47918
    P
    wpa_supplicant-2.2-15.3.1 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:47155
    P
    squid-3.5.21-23.4 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:46998
    P
    libXrender1-0.9.8-3.55 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:46914
    P
    ctags-5.8-7.1 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:47226
    P
    cpp48-4.8.5-30.1 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:5075
    P
    Security update for the Linux Kernel (Important)
    2021-07-14
    oval:org.opensuse.security:def:11242
    P
    Security update for libxls (Moderate)
    2021-07-08
    oval:org.opensuse.security:def:11427
    P
    openslp-2.0.0-2.9 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:76830
    P
    flash-player-11.2.202.548-111.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:46553
    P
    perl-HTML-Parser-3.71-1.145 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:11351
    P
    libaugeas0-1.2.0-1.5 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:11513
    P
    cups-pk-helper-0.2.5-3.75 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:11440
    P
    perl-YAML-LibYAML-0.38-7.61 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:46700
    P
    libXext6-1.3.2-3.61 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:11376
    P
    libmikmod3-3.2.0-4.59 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:11534
    P
    flash-player-11.2.202.548-111.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:11535
    P
    freerdp-1.0.2-7.9 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:12078
    P
    coreutils-8.25-12.8 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:48718
    P
    flash-player-11.2.202.548-111.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:17049
    P
    flash-player-11.2.202.548-111.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:11418
    P
    libzip2-0.11.1-4.62 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:12100
    P
    elfutils-0.158-6.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:46462
    P
    libXrandr2-1.4.2-3.55 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:11276
    P
    cpio-2.11-26.182 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:5053
    P
    Security update for gstreamer-plugins-bad (Important)
    2021-06-07
    oval:org.opensuse.security:def:10677
    P
    Security update for MozillaThunderbird (Moderate)
    2021-06-04
    oval:org.opensuse.security:def:51896
    P
    Security update for djvulibre (Important)
    2021-05-31
    oval:org.opensuse.security:def:5045
    P
    Security update for postgresql10 (Moderate)
    2021-05-27
    oval:org.opensuse.security:def:38103
    P
    Security update for clamav (Important)
    2021-04-14
    oval:org.opensuse.security:def:11195
    P
    Security update for isync (Important)
    2021-04-10
    oval:org.opensuse.security:def:5202
    P
    Security update for openssl-1_1 (Important)
    2021-03-25
    oval:org.opensuse.security:def:5183
    P
    Security update for ImageMagick (Moderate)
    2021-02-19
    oval:org.opensuse.security:def:51723
    P
    Security update for the Linux Kernel (Live Patch 31 for SLE 12 SP3) (Important)
    2021-02-10
    oval:org.opensuse.security:def:51485
    P
    Security update for cyrus-sasl (Important)
    2020-12-28
    oval:org.opensuse.security:def:10584
    P
    Security update for MozillaThunderbird (Important)
    2020-12-07
    oval:org.opensuse.security:def:11257
    P
    python-pymongo-2.6.3-2.20 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:24320
    P
    Security update for libzypp, zypper (Important)
    2020-12-01
    oval:org.opensuse.security:def:24646
    P
    Security update for openldap2 (Important)
    2020-12-01
    oval:org.opensuse.security:def:51323
    P
    Security update for vim (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:53799
    P
    Security update for bluez (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:10554
    P
    libtiff-devel on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:52961
    P
    Security update for postgresql10 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:53691
    P
    Security update for xen (Important)
    2020-12-01
    oval:org.opensuse.security:def:10875
    P
    aaa_base-malloccheck on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:37451
    P
    grub2 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:37835
    P
    krb5-appl-clients on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:46018
    P
    Security update for icu (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25019
    P
    Security update for curl (Important)
    2020-12-01
    oval:org.opensuse.security:def:25750
    P
    Security update for flash-player (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:52653
    P
    Security update for the Linux Kernel (Live Patch 2 for SLE 15) (Important)
    2020-12-01
    oval:org.opensuse.security:def:54122
    P
    squashfs on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:52560
    P
    Security update for ntp (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:10811
    P
    libxcb-composite0 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:54084
    P
    mipv6d on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:38170
    P
    dovecot22 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:24383
    P
    Security update for openssh (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:24729
    P
    Security update for java-1_8_0-ibm (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:51345
    P
    Security update for freetype2 (Important)
    2020-12-01
    oval:org.opensuse.security:def:52561
    P
    Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:53134
    P
    Security update for python (Important)
    2020-12-01
    oval:org.opensuse.security:def:38054
    P
    rrdtool on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:37587
    P
    libspice-server1 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:37995
    P
    libz1 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:46138
    P
    Security update for java-1_7_1-ibm (Important)
    2020-12-01
    oval:org.opensuse.security:def:25033
    P
    Security update for openssl-1_0_0 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:52727
    P
    Security update for the Linux Kernel (Live Patch 9 for SLE 15) (Important)
    2020-12-01
    oval:org.opensuse.security:def:54196
    P
    flash-player on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:10562
    P
    libwmf-0_2-7 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:53891
    P
    Security update for bluez (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:55360
    P
    python on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:37355
    P
    xalan-j2 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:38214
    P
    gv on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:24509
    P
    Security update for perl (Important)
    2020-12-01
    oval:org.opensuse.security:def:24879
    P
    Security update for openssl-1_1 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:52168
    P
    Security update for java-11-openjdk (Important)
    2020-12-01
    oval:org.opensuse.security:def:52583
    P
    Security update for java-1_8_0-openjdk (Important)
    2020-12-01
    oval:org.opensuse.security:def:53240
    P
    Security update for qemu (Important)
    2020-12-01
    oval:org.opensuse.security:def:10853
    P
    systemtap-sdt-devel on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:37356
    P
    xdg-utils on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:37688
    P
    sysvinit-tools on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:24310
    P
    Security update for spice-gtk (Important)
    2020-12-01
    oval:org.opensuse.security:def:46330
    P
    Security update for dpdk (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25077
    P
    Security update for clamav (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:52765
    P
    Security update for the Linux Kernel (Live Patch 15 for SLE 15) (Important)
    2020-12-01
    oval:org.opensuse.security:def:53965
    P
    fuse on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:55434
    P
    Security update for flash-player (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:38852
    P
    gnome-shell-calendar on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:46004
    P
    Security update for clamav (Important)
    2020-12-01
    oval:org.opensuse.security:def:24590
    P
    Security update for systemd (Important)
    2020-12-01
    oval:org.opensuse.security:def:24932
    P
    Security update for java-1_7_1-ibm (Important)
    2020-12-01
    oval:org.opensuse.security:def:52453
    P
    Security update for tiff (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:52723
    P
    Security update for the Linux Kernel (Live Patch 12 for SLE 15) (Important)
    2020-12-01
    oval:org.opensuse.security:def:53406
    P
    Security update for nodejs10 (Important)
    2020-12-01
    oval:org.opensuse.security:def:10862
    P
    xfig on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:37367
    P
    yast2-core on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:37745
    P
    busybox on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:46005
    P
    Security update for permissions (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25715
    P
    Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:51322
    P
    Security update for jasper (Low)
    2020-12-01
    oval:org.opensuse.security:def:52846
    P
    Security update for the Linux Kernel (Live Patch 11 for SLE 15 SP1) (Important)
    2020-12-01
    oval:org.opensuse.security:def:10630
    P
    Security update for xorg-x11-server (Important)
    2020-12-01
    oval:org.opensuse.security:def:10786
    P
    librsvg-devel on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:54003
    P
    libXinerama1 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:38142
    P
    bubblewrap on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:38894
    P
    flash-player on GA media (Moderate)
    2020-12-01
    oval:org.mitre.oval:def:28659
    P
    SUSE-SU-2014:1649-1 -- Security update for flash-player (moderate)
    2015-02-23
    oval:org.mitre.oval:def:28571
    P
    SUSE-SU-2014:1650-1 -- Security update for flash-player (important)
    2015-02-23
    oval:org.opensuse.security:def:78068
    P
    Security update for flash-player (Moderate)
    2014-12-12
    oval:com.redhat.rhsa:def:20141981
    P
    RHSA-2014:1981: flash-plugin security update (Critical)
    2014-12-10
    oval:com.ubuntu.precise:def:20140587000
    V
    CVE-2014-0587 on Ubuntu 12.04 LTS (precise) - medium.
    2014-12-10
    oval:com.ubuntu.trusty:def:20140587000
    V
    CVE-2014-0587 on Ubuntu 14.04 LTS (trusty) - medium.
    2014-12-10
    BACK
    adobe flash player *
    adobe flash player *
    apple mac os x *
    microsoft windows *
    adobe flash player *
    linux linux kernel *
    adobe flash player 15.0.0.239
    redhat enterprise linux server supplementary 6
    redhat enterprise linux workstation supplementary 6
    redhat enterprise linux desktop supplementary 6
    microsoft windows server 2012
    microsoft windows 8 -
    microsoft windows rt -
    microsoft windows 8.1 - -