CVE-2014-0545

Publication date 12 August 2014

Last updated 24 July 2024

Ubuntu priority

Adobe Flash Player before 13.0.0.241 and 14.x before 14.0.0.176 on Windows and OS X and before 11.2.202.400 on Linux, Adobe AIR before 14.0.0.178 on Windows and OS X and before 14.0.0.179 on Android, Adobe AIR SDK before 14.0.0.178, and Adobe AIR SDK & Compiler before 14.0.0.178 do not properly restrict discovery of memory addresses, which allows attackers to bypass the ASLR protection mechanism via unspecified vectors, a different vulnerability than CVE-2014-0540, CVE-2014-0542, CVE-2014-0543, and CVE-2014-0544.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
adobe-flashplugin	14.04 LTS trusty	Fixed 11.2.202.400
	12.04 LTS precise	Fixed 11.2.202.400
	10.04 LTS lucid	Ignored end of life
flashplugin-nonfree	14.04 LTS trusty	Fixed 11.2.202.400
	12.04 LTS precise	Fixed 11.2.202.400
	10.04 LTS lucid	Ignored end of life

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Other references

http://helpx.adobe.com/security/products/flash-player/apsb14-18.html
https://www.cve.org/CVERecord?id=CVE-2014-0545