VYPR
Unrated severity · NVD Advisory · Published May 14, 2014 · Updated May 6, 2026

CVE-2014-0516

Description

Adobe Flash Player before 13.0.0.214 on Windows and OS X and before 11.2.202.359 on Linux, Adobe AIR SDK before 13.0.0.111, and Adobe AIR SDK & Compiler before 13.0.0.111 allow remote attackers to bypass the Same Origin Policy via unspecified vectors.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Adobe Flash Player and AIR SDK contain a Same Origin Policy bypass vulnerability, allowing remote attackers to access cross-domain data via unspecified vectors.

Vulnerability

Adobe Flash Player versions prior to 13.0.0.214 on Windows and OS X, and prior to 11.2.202.359 on Linux, as well as Adobe AIR SDK and AIR SDK & Compiler versions prior to 13.0.0.111, are affected by a Same Origin Policy (SOP) bypass vulnerability [1][2]. The exact mechanism is unspecified, but the flaw allows remote attackers to bypass the SOP, which normally restricts how scripts from one origin can interact with resources from another origin.

Exploitation

An attacker can exploit this vulnerability by delivering a crafted SWF file to a victim's browser or AIR application. No authentication is required, and the attack can be launched remotely via a malicious website or embedded content. The user only needs to load the malicious Flash content. The attacker can then bypass the SOP to read data from other origins, potentially accessing sensitive information from other websites or services.

Impact

Successful exploitation allows the attacker to bypass the Same Origin Policy, leading to unauthorized cross-domain data access. This can result in information disclosure of sensitive data from other origins, such as authentication tokens, personal information, or other web content. The attacker operates within the security context of the Flash Player plugin or AIR runtime, but gains the ability to read data from domains that should be isolated.

Mitigation

Adobe released fixed versions: Flash Player 13.0.0.214 (Windows/OS X) and 11.2.202.359 (Linux), and AIR SDK 13.0.0.111 [1][2]. Red Hat and Gentoo advisories recommend upgrading to these versions. No workaround is available; users should apply the updates as soon as possible.

AI Insight generated on May 23, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
