CyberSec.Space Logo
Back to CVE Browser

CVE-2014-9163

Known Exploited (CISA KEV)HIGH
7.8
CVSS Severity Score
EPSS Score65.9750%
EPSS Percentile85.07th
PublishedDec 10, 2014
Last ModifiedApr 21, 2026

Vulnerability Description

Stack-based buffer overflow in Adobe Flash Player before 13.0.0.259 and 14.x and 15.x before 15.0.0.246 on Windows and OS X and before 11.2.202.425 on Linux allows attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in December 2014.

Affected Platforms (CPE)

πŸ“¦
Adobe

Flash Player

>= 13.0 and < 13.0.0.259
πŸ“¦
Adobe

Flash Player

>= 14.0 and <= 14.0.0.179
πŸ“¦
Adobe

Flash Player

>= 15.0 and < 15.0.0.246
πŸ“¦
Adobe

Flash Player

>= 11.0 and < 11.2.202.425

References & Advisories

πŸ”— http://helpx.adobe.com/security/products/flash-player/apsb14-27.html
πŸ”— http://helpx.adobe.com/security/products/flash-player/apsb14-27.html
πŸ”— https://github.com/cisagov/vulnrichment/issues/196
πŸ”— https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2014-9163

Related Vulnerabilities

CVE-2012-525510.0

Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 ...

CVE-2012-525610.0

Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11....

CVE-2012-525410.0

Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 ...

CVE-2012-525710.0

Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 ...