Adobe Flash Player and AIR CVE-2014-0541 Unspecified Security Bypass Vulnerability

Bugtraq ID:	69191
Class:	Unknown
CVE:	CVE-2014-0541
Remote:	Yes
Local:	No
Published:	Aug 12 2014 12:00AM
Updated:	Aug 21 2014 12:11AM
Credit:	Soroush Dalili from NCC Group
Vulnerable:	SuSE openSUSE 11.4 Red Hat Enterprise Linux Workstation Supplementary 6 Red Hat Enterprise Linux Supplementary 5 server Red Hat Enterprise Linux Server Supplementary 6 Red Hat Enterprise Linux Desktop Supplementary 6 Red Hat Enterprise Linux Desktop Supplementary 5 client Gentoo Linux Adobe Flash Player 9.0.262 Adobe Flash Player 9.0.48.0 Adobe Flash Player 9.0.47.0 Adobe Flash Player 9.0.45.0 Adobe Flash Player 9.0.31.0 Adobe Flash Player 9.0.289.0 Adobe Flash Player 9.0.283.0 Adobe Flash Player 9.0.280 Adobe Flash Player 9.0.28.0 Adobe Flash Player 9.0.277.0 Adobe Flash Player 9.0.262.0 Adobe Flash Player 9.0.159.0 Adobe Flash Player 9.0.155.0 Adobe Flash Player 9.0.115.0 Adobe Flash Player 9 Adobe Flash Player 8.0.35.0 Adobe Flash Player 8.0.34.0 Adobe Flash Player 7.0.73.0 Adobe Flash Player 7.0.70.0 Adobe Flash Player 7.0.69.0 Adobe Flash Player 7.0.68.0 Adobe Flash Player 7.0.67.0 Adobe Flash Player 7.0.66.0 Adobe Flash Player 7.0.61.0 Adobe Flash Player 7.0.60.0 Adobe Flash Player 7.0.53.0 Adobe Flash Player 7.0.24.0 Adobe Flash Player 7.0.19.0 Adobe Flash Player 7.0.14.0 Adobe Flash Player 7 Adobe Flash Player 11.2.202.235 Adobe Flash Player 11.2.202.233 Adobe Flash Player 11.2.202.229 Adobe Flash Player 11.2.202.228 Adobe Flash Player 11.2.202.223 Adobe Flash Player 11.1.115.8 Adobe Flash Player 11.1.115.7 Adobe Flash Player 11.1.115.6 Adobe Flash Player 11.1.112.61 Adobe Flash Player 11.1.111.9 Adobe Flash Player 11.1.111.8 Adobe Flash Player 11.1.111.7 Adobe Flash Player 11.1.111.6 Adobe Flash Player 11.1.111.5 Adobe Flash Player 11.1.102.63 Adobe Flash Player 11.1.102.62 Adobe Flash Player 11.1.102.55 Adobe Flash Player 11.1.102.228 Adobe Flash Player 11.0.1.152 Adobe Flash Player 10.3.186.7 Adobe Flash Player 10.3.186.6 Adobe Flash Player 10.3.186.3 Adobe Flash Player 10.3.186.2 Adobe Flash Player 10.3.185.25 Adobe Flash Player 10.3.185.23 Adobe Flash Player 10.3.185.22 Adobe Flash Player 10.3.185.21 Adobe Flash Player 10.3.183.7 Adobe Flash Player 10.3.183.5 Adobe Flash Player 10.3.183.4 Adobe Flash Player 10.3.183.10 Adobe Flash Player 10.3.181.34 Adobe Flash Player 10.3.181.26 Adobe Flash Player 10.3.181.23 Adobe Flash Player 10.3.181.22 Adobe Flash Player 10.3.181.16 Adobe Flash Player 10.3.181.14 Adobe Flash Player 10.2.159.1 Adobe Flash Player 10.2.157.51 Adobe Flash Player 10.2.156.12 Adobe Flash Player 10.2.154.28 Adobe Flash Player 10.2.154.27 Adobe Flash Player 10.2.154.25 Adobe Flash Player 10.2.154.24 Adobe Flash Player 10.2.154.18 Adobe Flash Player 10.2.154.13 Adobe Flash Player 10.2.153.1 Adobe Flash Player 10.2.152.33 Adobe Flash Player 10.2.152.32 Adobe Flash Player 10.2.152.21 Adobe Flash Player 10.2.152 Adobe Flash Player 10.1.95.2 Adobe Flash Player 10.1.95.1 Adobe Flash Player 10.1.92.8 Adobe Flash Player 10.1.92.10 Adobe Flash Player 10.1.85.3 Adobe Flash Player 10.1.82.76 Adobe Flash Player 10.1.52.15 Adobe Flash Player 10.1.52.14.1 Adobe Flash Player 10.1.106.16 Adobe Flash Player 10.1.105.6 Adobe Flash Player 10.1.102.65 Adobe Flash Player 10.1.102.64 Adobe AIR 2.0.4 Adobe AIR 2.0.3 Adobe AIR 1.5.3 .9130 Adobe AIR 1.5.3 .9120 Adobe AIR 1.5.3 Adobe AIR 1.5.2 Adobe AIR 1.5.1 Adobe AIR 3.2.0.2080 Adobe AIR 3.2.0.2070 Adobe AIR 3.1.0.4880 Adobe AIR 3.0 Adobe AIR 2.7.1.1961 Adobe AIR 2.7.1 Adobe AIR 2.7 Adobe AIR 2.6.19140 Adobe AIR 2.6.19120 Adobe AIR 2.6 Adobe AIR 2.5.1 Adobe AIR 2.0.2.12610 Adobe AIR 2.0.2 Adobe AIR 1.5 Adobe AIR 1.1 Adobe AIR 1.01 Adobe AIR 1.0
Not Vulnerable:

Adobe Flash Player and AIR CVE-2014-0541 Unspecified Security Bypass Vulnerability

Adobe Flash Player and Adobe AIR are prone to an unspecified security-bypass vulnerability.

Attackers can exploit this issue to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks.

Adobe Flash Player and AIR CVE-2014-0541 Unspecified Security Bypass Vulnerability

Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

Adobe Flash Player and AIR CVE-2014-0541 Unspecified Security Bypass Vulnerability

Solution:
Updates are available. Please see the references or vendor advisory for more information.

Adobe Flash Player and AIR CVE-2014-0541 Unspecified Security Bypass Vulnerability

References:

• Adobe AIR homepage (Adobe)
  
• Adobe Homepage (Adobe)