CVE-2014-0497

Publication date 5 February 2014

Last updated 23 September 2024

Ubuntu priority

Medium

Why this priority?

Cvss 3 Severity Score

9.8 · Critical

Score breakdown

Integer underflow in Adobe Flash Player before 11.7.700.261 and 11.8.x through 12.0.x before 12.0.0.44 on Windows and Mac OS X, and before 11.2.202.336 on Linux, allows remote attackers to execute arbitrary code via unspecified vectors.

Status

No maintained releases are affected by this CVE.

Package Ubuntu Release Status
adobe-flashplugin 13.10 saucy
Fixed 11.2.202.336
12.10 quantal
Fixed 11.2.202.336
12.04 LTS precise
Fixed 11.2.202.336
10.04 LTS lucid Ignored end of life
flashplugin-nonfree 13.10 saucy
Fixed 11.2.202.336
12.10 quantal
Fixed 11.2.202.336
12.04 LTS precise
Fixed 11.2.202.336
10.04 LTS lucid Ignored end of life

Severity score breakdown

Parameter Value
Base score 9.8 · Critical
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Scope Unchanged
Confidentiality High
Integrity impact High
Availability impact High
Vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H