CyberSec.Space Logo
Back to CVE Browser

CVE-2014-0502

Known Exploited (CISA KEV)HIGH
8.8
CVSS Severity Score
EPSS Score92.7260%
EPSS Percentile91.93th
PublishedFeb 21, 2014
Last ModifiedApr 21, 2026

Vulnerability Description

Double free vulnerability in Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x before 12.0.0.70 on Windows and Mac OS X and before 11.2.202.341 on Linux, Adobe AIR before 4.0.0.1628 on Android, Adobe AIR SDK before 4.0.0.1628, and Adobe AIR SDK & Compiler before 4.0.0.1628 allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in February 2014.

Affected Platforms (CPE)

πŸ“¦
Adobe

Flash Player

< 11.7.700.269
πŸ“¦
Adobe

Flash Player

>= 11.8.800.94 and < 12.0.0.70
πŸ“¦
Adobe

Adobe Air Sdk

< 4.0.0.1628
πŸ“¦
Adobe

Flash Player

< 11.2.202.341
πŸ“¦
Adobe

Adobe Air

< 4.0.0.1628
πŸ’»
Opensuse

Opensuse

= 11.4
πŸ’»
Opensuse

Opensuse

= 12.3
πŸ’»
Opensuse

Opensuse

= 13.1
πŸ’»
Suse

Linux Enterprise Desktop

= 11
πŸ’»
Redhat

Enterprise Linux Desktop

= 5.0
πŸ’»
Redhat

Enterprise Linux Desktop

= 6.0
πŸ’»
Redhat

Enterprise Linux Eus

= 6.5
πŸ’»
Redhat

Enterprise Linux Server

= 5.0
πŸ’»
Redhat

Enterprise Linux Server

= 6.0
πŸ’»
Redhat

Enterprise Linux Server Aus

= 6.5
πŸ’»
Redhat

Enterprise Linux Workstation

= 5.0
πŸ’»
Redhat

Enterprise Linux Workstation

= 6.0

References & Advisories

πŸ”— http://helpx.adobe.com/security/products/flash-player/apsb14-07.html
πŸ”— http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00014.html
πŸ”— http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00015.html
πŸ”— http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00017.html
πŸ”— http://rhn.redhat.com/errata/RHSA-2014-0196.html
πŸ”— http://security.gentoo.org/glsa/glsa-201405-04.xml
πŸ”— http://www.alienvault.com/open-threat-exchange/blog/analysis-of-an-attack-exploiting-the-adobe-zero-day-cve-2014-0502/
πŸ”— https://volatility-labs.blogspot.com/2014/04/building-decoder-for-cve-2014-0502.html

Related Vulnerabilities

CVE-2012-525510.0

Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 ...

CVE-2012-525610.0

Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11....

CVE-2012-525410.0

Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 ...

CVE-2012-525710.0

Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 ...