VYPR
← All advisories
Unrated severityNVD Advisory· Published Apr 8, 2014· Updated May 6, 2026

CVE-2014-0508

CVE-2014-0508

Description

Adobe Flash Player before 11.7.700.275 and 11.8.x through 13.0.x before 13.0.0.182 on Windows and OS X and before 11.2.202.350 on Linux, Adobe AIR before 13.0.0.83 on Android, Adobe AIR SDK before 13.0.0.83, and Adobe AIR SDK & Compiler before 13.0.0.83 allow attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Adobe Flash Player before patched versions allows bypassing same-origin policy and reading clipboard via crafted SWF files.

Vulnerability

Adobe Flash Player versions before 11.7.700.275 and 11.8.x through 13.0.x before 13.0.0.182 on Windows and OS X, before 11.2.202.350 on Linux, as well as Adobe AIR before 13.0.0.83 on Android and AIR SDK versions before 13.0.0.83, contain a vulnerability that allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors [1][2]. The issue is related to the Same Origin Policy and clipboard access [2].

Exploitation

Exploitation requires the attacker to entice a user into opening a specially crafted SWF file in a vulnerable version of Adobe Flash Player or AIR [2]. No authentication is needed, and the attacker can be remote. The exact attack vector is not fully disclosed but involves bypassing security restrictions through crafted content.

Impact

Successful exploitation allows an attacker to bypass the Same Origin Policy, potentially reading sensitive data from other domains, or to read the clipboard contents [2]. This can lead to information disclosure, such as stealing authentication tokens or other sensitive user data.

Mitigation

Update Adobe Flash Player to version 11.7.700.275 or later, 13.0.0.182 or later, or 11.2.202.350 or later (Linux). For Adobe AIR, update to version 13.0.0.83 or later. Gentoo recommends upgrading to version 11.2.202.356 [1][2]. No workaround is available.

References
  1. http://rhn.redhat.com/errata/RHSA-2014-0380.html
  2. Multiple vulnerabilities (GLSA 201405-04) — Gentoo security

AI Insight generated on May 23, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

162
  • Adobe Inc./Air58 versions
    cpe:2.3:a:adobe:adobe_air:*:*:*:*:*:*:*:*+ 57 more
    • cpe:2.3:a:adobe:adobe_air:*:*:*:*:*:*:*:*range: <=4.0.0.1390
    • cpe:2.3:a:adobe:adobe_air:1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:adobe_air:1.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:adobe_air:1.0.4990:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:adobe_air:1.0.8.4990:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:adobe_air:1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:adobe_air:1.1.0.5790:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:adobe_air:1.5:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:adobe_air:1.5.0.7220:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:adobe_air:1.5.1:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:adobe_air:1.5.1.8210:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:adobe_air:1.5.2:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:adobe_air:1.5.3:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:adobe_air:1.5.3.9120:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:adobe_air:1.5.3.9130:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:adobe_air:2.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:adobe_air:2.0.2.12610:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:adobe_air:2.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:adobe_air:2.0.3.13070:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:adobe_air:2.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:adobe_air:2.5.0.16600:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:adobe_air:2.5.1.17730:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:adobe_air:2.6:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:adobe_air:2.6.0.19120:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:adobe_air:2.6.0.19140:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:adobe_air:2.7:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:adobe_air:2.7.0.1948:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:adobe_air:2.7.0.19480:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:adobe_air:2.7.0.1953:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:adobe_air:2.7.0.19530:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:adobe_air:2.7.1:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:adobe_air:2.7.1.19610:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:adobe_air:3.0.0.408:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:adobe_air:3.0.0.4080:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:adobe_air:3.1.0.485:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:adobe_air:3.1.0.488:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:adobe_air:3.1.0.4880:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:adobe_air:3.2.0.207:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:adobe_air:3.2.0.2070:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:adobe_air:3.3.0.3670:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:adobe_air:3.4.0.2540:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:adobe_air:3.4.0.2710:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:adobe_air:3.5.0.1060:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:adobe_air:3.5.0.600:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:adobe_air:3.5.0.880:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:adobe_air:3.5.0.890:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:adobe_air:3.6.0.597:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:adobe_air:3.6.0.6090:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:adobe_air:3.7.0.1530:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:adobe_air:3.7.0.1860:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:adobe_air:3.7.0.2090:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:adobe_air:3.8.0.870:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:adobe_air:3.8.0.910:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:adobe_air:3.9.0.1030:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:adobe_air:3.9.0.1060:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:adobe_air:3.9.0.1210:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:adobe_air:3.9.0.1380:*:*:*:*:*:*:*
    • (no CPE)range: <13.0.0.83
  • Adobe Inc./Air Sdk25 versions
    cpe:2.3:a:adobe:adobe_air_sdk:*:*:*:*:*:*:*:*+ 24 more
    • cpe:2.3:a:adobe:adobe_air_sdk:*:*:*:*:*:*:*:*range: <=4.0.0.1628
    • cpe:2.3:a:adobe:adobe_air_sdk:3.0.0.4080:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:adobe_air_sdk:3.1.0.488:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:adobe_air_sdk:3.2.0.2070:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:adobe_air_sdk:3.3.0.3650:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:adobe_air_sdk:3.3.0.3690:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:adobe_air_sdk:3.4.0.2540:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:adobe_air_sdk:3.4.0.2710:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:adobe_air_sdk:3.5.0.1060:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:adobe_air_sdk:3.5.0.600:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:adobe_air_sdk:3.5.0.880:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:adobe_air_sdk:3.5.0.890:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:adobe_air_sdk:3.6.0.599:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:adobe_air_sdk:3.6.0.6090:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:adobe_air_sdk:3.7.0.1530:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:adobe_air_sdk:3.7.0.1860:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:adobe_air_sdk:3.7.0.2090:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:adobe_air_sdk:3.8.0.1430:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:adobe_air_sdk:3.8.0.870:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:adobe_air_sdk:3.8.0.910:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:adobe_air_sdk:3.9.0.1030:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:adobe_air_sdk:3.9.0.1210:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:adobe_air_sdk:3.9.0.1380:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:adobe_air_sdk:4.0.0.1390:*:*:*:*:*:*:*
    • (no CPE)range: <13.0.0.83
  • Adobe Inc./Flashplayer79 versions
    cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*+ 78 more
    • cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*range: <=11.2.202.346
    • cpe:2.3:a:adobe:flash_player:11.0:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:11.0.1.152:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:11.0.1.153:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:11.1:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:11.1.102.55:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:11.1.102.59:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:11.1.102.62:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:11.1.102.63:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:11.1.111.44:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:11.1.111.50:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:11.1.111.54:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:11.1.111.8:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:11.1.115.34:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:11.1.115.48:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:11.1.115.54:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:11.1.115.58:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:11.1.115.7:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:11.2.202.223:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:11.2.202.228:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:11.2.202.233:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:11.2.202.235:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:11.2.202.236:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:11.2.202.238:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:11.2.202.243:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:11.2.202.251:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:11.2.202.258:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:11.2.202.261:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:11.2.202.262:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:11.2.202.270:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:11.2.202.273:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:11.2.202.275:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:11.2.202.280:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:11.2.202.285:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:11.2.202.291:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:11.2.202.297:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:11.2.202.310:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:11.2.202.327:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:11.2.202.332:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:11.2.202.335:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:11.2.202.336:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:11.2.202.341:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:11.3.300.257:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:11.3.300.262:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:11.3.300.265:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:11.3.300.268:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:11.3.300.270:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:11.3.300.271:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:11.3.300.273:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:11.4.402.265:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:11.4.402.278:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:11.4.402.287:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:11.5.502.110:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:11.5.502.135:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:11.5.502.136:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:11.5.502.146:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:11.5.502.149:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:11.6.602.167:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:11.6.602.168:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:11.6.602.171:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:11.6.602.180:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:11.7.700.169:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:11.7.700.202:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:11.7.700.224:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:11.7.700.232:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:11.7.700.242:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:11.7.700.252:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:11.7.700.257:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:11.7.700.260:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:11.8.800.168:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:11.8.800.94:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:11.8.800.97:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:11.9.900.117:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:11.9.900.152:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:11.9.900.170:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:12.0.0.38:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:12.0.0.41:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:12.0.0.43:*:*:*:*:*:*:*
    • (no CPE)range: <11.7.700.275 for Windows/OS X; <13.0.0.182 for 11.8.x-13.0.x; <11.2.202.350 for Linux

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

7

News mentions

0

No linked articles in our index yet.