Adobe Flash Player and AIR CVE-2014-0548 Same Origin Policy Security Bypass Vulnerability
BID:69705
CVE-2014-548 |Info
Adobe Flash Player and AIR CVE-2014-0548 Same Origin Policy Security Bypass Vulnerability
| Bugtraq ID: | 69705 |
| Class: | Origin Validation Error |
| CVE: |
CVE-2014-0548 |
| Remote: | Yes |
| Local: | No |
| Published: | Sep 09 2014 12:00AM |
| Updated: | Mar 19 2015 08:20AM |
| Credit: | Masato Kinugawa |
| Vulnerable: |
SuSE openSUSE 11.4 Red Hat Enterprise Linux Workstation Supplementary 6 Red Hat Enterprise Linux Supplementary 5 server Red Hat Enterprise Linux Server Supplementary 6 Red Hat Enterprise Linux Desktop Supplementary 6 Red Hat Enterprise Linux Desktop Supplementary 5 client Gentoo Linux Adobe Flash Player 10.1.53 .64 Adobe Flash Player 10.1.51 .66 Adobe Flash Player 10.0.45 2 Adobe Flash Player 10.0.32 18 Adobe Flash Player 10.0.22 .87 Adobe Flash Player 10.0.15 .3 Adobe Flash Player 10.0.12 .36 Adobe Flash Player 10.0.12 .35 Adobe Flash Player 9.0.262 Adobe Flash Player 9.0.246 0 Adobe Flash Player 9.0.152 .0 Adobe Flash Player 9.0.151 .0 Adobe Flash Player 9.0.124 .0 Adobe Flash Player 9.0.48.0 Adobe Flash Player 9.0.47.0 Adobe Flash Player 9.0.45.0 Adobe Flash Player 9.0.31.0 Adobe Flash Player 9.0.289.0 Adobe Flash Player 9.0.283.0 Adobe Flash Player 9.0.280 Adobe Flash Player 9.0.28.0 Adobe Flash Player 9.0.277.0 Adobe Flash Player 9.0.262.0 Adobe Flash Player 9.0.260.0 Adobe Flash Player 9.0.246.0 Adobe Flash Player 9.0.159.0 Adobe Flash Player 9.0.155.0 Adobe Flash Player 9.0.115.0 Adobe Flash Player 9 Adobe Flash Player 8.0.35.0 Adobe Flash Player 8.0.34.0 Adobe Flash Player 8 Adobe Flash Player 7.0.73.0 Adobe Flash Player 7.0.70.0 Adobe Flash Player 7.0.69.0 Adobe Flash Player 7.0.68.0 Adobe Flash Player 7.0.67.0 Adobe Flash Player 7.0.66.0 Adobe Flash Player 7.0.61.0 Adobe Flash Player 7.0.60.0 Adobe Flash Player 7.0.53.0 Adobe Flash Player 7.0.24.0 Adobe Flash Player 7.0.19.0 Adobe Flash Player 7.0.14.0 Adobe Flash Player 7 Adobe Flash Player 6.0.79 Adobe Flash Player 6.0.21.0 Adobe Flash Player 11.2.202.235 Adobe Flash Player 11.2.202.233 Adobe Flash Player 11.2.202.229 Adobe Flash Player 11.2.202.228 Adobe Flash Player 11.2.202.223 Adobe Flash Player 11.1.115.8 Adobe Flash Player 11.1.115.7 Adobe Flash Player 11.1.115.6 Adobe Flash Player 11.1.112.61 Adobe Flash Player 11.1.111.9 Adobe Flash Player 11.1.111.8 Adobe Flash Player 11.1.111.7 Adobe Flash Player 11.1.111.6 Adobe Flash Player 11.1.111.5 Adobe Flash Player 11.1.102.63 Adobe Flash Player 11.1.102.62 Adobe Flash Player 11.1.102.55 Adobe Flash Player 11.1.102.228 Adobe Flash Player 11.0.1.152 Adobe Flash Player 10.3.186.7 Adobe Flash Player 10.3.186.6 Adobe Flash Player 10.3.186.3 Adobe Flash Player 10.3.186.2 Adobe Flash Player 10.3.185.25 Adobe Flash Player 10.3.185.23 Adobe Flash Player 10.3.185.22 Adobe Flash Player 10.3.185.21 Adobe Flash Player 10.3.183.7 Adobe Flash Player 10.3.183.5 Adobe Flash Player 10.3.183.4 Adobe Flash Player 10.3.183.10 Adobe Flash Player 10.3.181.34 Adobe Flash Player 10.3.181.26 Adobe Flash Player 10.3.181.23 Adobe Flash Player 10.3.181.22 Adobe Flash Player 10.3.181.16 Adobe Flash Player 10.3.181.14 Adobe Flash Player 10.2.159.1 Adobe Flash Player 10.2.157.51 Adobe Flash Player 10.2.156.12 Adobe Flash Player 10.2.154.28 Adobe Flash Player 10.2.154.27 Adobe Flash Player 10.2.154.25 Adobe Flash Player 10.2.154.24 Adobe Flash Player 10.2.154.18 Adobe Flash Player 10.2.154.13 Adobe Flash Player 10.2.153.1 Adobe Flash Player 10.2.152.33 Adobe Flash Player 10.2.152.32 Adobe Flash Player 10.2.152.21 Adobe Flash Player 10.2.152 Adobe Flash Player 10.1.95.2 Adobe Flash Player 10.1.95.1 Adobe Flash Player 10.1.92.8 Adobe Flash Player 10.1.92.10 Adobe Flash Player 10.1.85.3 Adobe Flash Player 10.1.82.76 Adobe Flash Player 10.1.52.15 Adobe Flash Player 10.1.52.14.1 Adobe Flash Player 10.1.106.16 Adobe Flash Player 10.1.105.6 Adobe Flash Player 10.1.102.65 Adobe Flash Player 10.1.102.64 Adobe Flash Player 10.1 Release Candida Adobe Flash Player 10.0.42.34 Adobe Flash Player 10.0.32.18 Adobe Flash Player 10 Adobe AIR 2.0.4 Adobe AIR 2.0.3 Adobe AIR 1.5.3 .9130 Adobe AIR 1.5.3 .9120 Adobe AIR 1.5.3 Adobe AIR 1.5.2 Adobe AIR 1.5.1 Adobe AIR 3.2.0.2080 Adobe AIR 3.2.0.2070 Adobe AIR 3.1.0.4880 Adobe AIR 3.0 Adobe AIR 2.7.1.1961 Adobe AIR 2.7.1 Adobe AIR 2.7 Adobe AIR 2.6.19140 Adobe AIR 2.6.19120 Adobe AIR 2.6 Adobe AIR 2.5.1 Adobe AIR 2.0.3 Adobe AIR 2.0.2.12610 Adobe AIR 2.0.2 Adobe AIR 1.5 Adobe AIR 1.1 Adobe AIR 1.01 Adobe AIR 1.0 |
| Not Vulnerable: | |
Discussion
Adobe Flash Player and AIR CVE-2014-0548 Same Origin Policy Security Bypass Vulnerability
Adobe Flash Player and AIR are prone to an unspecified same-origin policy security-bypass vulnerability.
An attacker can exploit this issue to bypass certain same-origin policy restrictions, which may aid in further attacks.
Adobe Flash Player and AIR are prone to an unspecified same-origin policy security-bypass vulnerability.
An attacker can exploit this issue to bypass certain same-origin policy restrictions, which may aid in further attacks.
Exploit / POC
Adobe Flash Player and AIR CVE-2014-0548 Same Origin Policy Security Bypass Vulnerability
Currently, we are not aware of any exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Currently, we are not aware of any exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
Adobe Flash Player and AIR CVE-2014-0548 Same Origin Policy Security Bypass Vulnerability
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Solution:
Updates are available. Please see the references or vendor advisory for more information.
References
Adobe Flash Player and AIR CVE-2014-0548 Same Origin Policy Security Bypass Vulnerability
References:
References:
- Adobe AIR homepage (Adobe)
- Adobe Homepage (Adobe)