Unrated severityNVD Advisory· Published Jun 11, 2014· Updated Jun 17, 2026
CVE-2014-0531
CVE-2014-0531
Description
Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows and OS X and before 11.2.202.378 on Linux, Adobe AIR before 14.0.0.110, Adobe AIR SDK before 14.0.0.110, and Adobe AIR SDK & Compiler before 14.0.0.110 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2014-0532 and CVE-2014-0533.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
37cpe:2.3:a:adobe:adobe_air:*:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:adobe:adobe_air:*:*:*:*:*:*:*:*range: <=13.0.0.111
- cpe:2.3:a:adobe:adobe_air:13.0.0.83:*:*:*:*:*:*:*
- (no CPE)range: before 14.0.0.110
cpe:2.3:a:adobe:adobe_air_sdk:*:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:adobe:adobe_air_sdk:*:*:*:*:*:*:*:*range: <=13.0.0.111
- cpe:2.3:a:adobe:adobe_air_sdk:13.0.0.83:*:*:*:*:*:*:*
- (no CPE)range: before 14.0.0.110
cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*+ 30 more
- cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*range: <=13.0.0.214
- cpe:2.3:a:adobe:flash_player:11.2.202.223:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:11.2.202.228:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:11.2.202.233:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:11.2.202.235:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:11.2.202.236:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:11.2.202.238:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:11.2.202.243:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:11.2.202.251:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:11.2.202.258:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:11.2.202.261:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:11.2.202.262:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:11.2.202.270:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:11.2.202.273:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:11.2.202.275:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:11.2.202.280:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:11.2.202.285:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:11.2.202.291:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:11.2.202.297:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:11.2.202.310:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:11.2.202.332:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:11.2.202.335:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:11.2.202.336:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:11.2.202.341:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:11.2.202.346:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:11.2.202.350:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:11.2.202.356:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:13.0.0.182:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:13.0.0.201:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:13.0.0.206:*:*:*:*:*:*:*
- (no CPE)range: before 13.0.0.223 and 14.x before 14.0.0.125 on Windows/OS X; before 11.2.202.378 on Linux
Patches
Vulnerability mechanics
References
13- helpx.adobe.com/security/products/flash-player/apsb14-16.htmlnvdPatchVendor Advisory
- lists.opensuse.org/opensuse-security-announce/2014-06/msg00021.htmlnvd
- lists.opensuse.org/opensuse-updates/2014-06/msg00029.htmlnvd
- lists.opensuse.org/opensuse-updates/2014-06/msg00030.htmlnvd
- rhn.redhat.com/errata/RHSA-2014-0745.htmlnvd
- secunia.com/advisories/58390nvd
- secunia.com/advisories/58465nvd
- secunia.com/advisories/58585nvd
- secunia.com/advisories/59053nvd
- secunia.com/advisories/59304nvd
- security.gentoo.org/glsa/glsa-201406-17.xmlnvd
- www.securityfocus.com/bid/67962nvd
- www.securitytracker.com/id/1030368nvd
News mentions
0No linked articles in our index yet.