Unrated severityNVD Advisory· Published Feb 21, 2014· Updated Apr 29, 2026

CVE-2014-0498

Description

Stack-based buffer overflow in Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x before 12.0.0.70 on Windows and Mac OS X and before 11.2.202.341 on Linux, Adobe AIR before 4.0.0.1628 on Android, Adobe AIR SDK before 4.0.0.1628, and Adobe AIR SDK & Compiler before 4.0.0.1628 allows attackers to execute arbitrary code via unspecified vectors.

Affected products

Adobe Inc./Air
cpe:2.3:a:adobe:adobe_air:*:*:*:*:*:*:*:*
Range: <4.0.0.1628
Adobe Inc./Air Sdk
cpe:2.3:a:adobe:adobe_air_sdk:*:*:*:*:*:*:*:*
Range: <4.0.0.1628
Adobe Inc./Flash Player
cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*
Range: >=11.0,<11.7.700.269

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

helpx.adobe.com/security/products/flash-player/apsb14-07.htmlnvdPatchVendor Advisory
lists.opensuse.org/opensuse-security-announce/2014-02/msg00014.htmlnvdMailing ListThird Party Advisory
lists.opensuse.org/opensuse-security-announce/2014-02/msg00015.htmlnvdMailing ListThird Party Advisory
lists.opensuse.org/opensuse-security-announce/2014-02/msg00017.htmlnvdMailing ListThird Party Advisory
rhn.redhat.com/errata/RHSA-2014-0196.htmlnvdThird Party Advisory
security.gentoo.org/glsa/glsa-201405-04.xmlnvdThird Party Advisory

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000