Adobe Flash Player Remote Code Execution Vulnerability (CVE-2014-8439)
Severity: : Critical
CVE Kennungen: : CVE-2014-8439,APSB14-26,APSB14-22
Advisory Date: 25 de listopada de 2014
DESCRIPTION
Adobe Flash Player is prone to an unspecified remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition.
INFORMATION EXPOSURE
Apply associated Trend Micro DPI Rules.
SOLUTION
Patch: : http://helpx.adobe.com/security/products/flash-player/apsb14-26.html
Trend Micro Deep Security DPI Rule Number: 1006377
Trend Micro Deep Security DPI Rule Name: 1006377 - Adobe Flash Player Remote Code Execution Vulnerability (CVE-2014-8439)
AFFECTED SOFTWARE AND VERSION:
- Adobe Flash Player 15.0.0.223 and earlier versions
- Adobe Flash Player 13.0.0.252 and earlier 13.x versions
- Adobe Flash Player 11.2.202.418 and earlier versions for Linux
- adobe air 15.0.0.292
- adobe air_sdk 15.0.0.301
- adobe air_sdk_and_compiler 15.0.0.301
- adobe flash_player 11.2.202.423
- adobe flash_player 13.0.0.257
- adobe flash_player 14.0.0.179
- adobe flash_player 15.0.0.238
- apple mac_os_x