Sign-up

ID

VAR-201403-0247


CVE

CVE-2014-0503


TITLE

Adobe Flash Player Vulnerabilities that bypass the same origin policy

Trust: 0.8

sources: JVNDB: JVNDB-2014-001615

DESCRIPTION

Adobe Flash Player before 11.7.700.272 and 11.8.x through 12.0.x before 12.0.0.77 on Windows and OS X, and before 11.2.202.346 on Linux, allows remote attackers to bypass the Same Origin Policy via unspecified vectors. An attacker can exploit this issue to bypass certain same-origin policy restrictions, which may aid in further attacks. The product enables viewing of applications, content and video across screens and browsers. Background ========== The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details. Impact ====== A remote attacker could entice a user to open a specially crafted SWF file using Adobe Flash Player, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition. Workaround ========== There is no known workaround at this time. Resolution ========== All Adobe Flash Player users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.356" References ========== [ 1 ] CVE-2014-0498 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0498 [ 2 ] CVE-2014-0499 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0499 [ 3 ] CVE-2014-0502 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0502 [ 4 ] CVE-2014-0503 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0503 [ 5 ] CVE-2014-0504 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0504 [ 6 ] CVE-2014-0506 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0506 [ 7 ] CVE-2014-0507 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0507 [ 8 ] CVE-2014-0508 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0508 [ 9 ] CVE-2014-0509 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0509 [ 10 ] CVE-2014-0515 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0515 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-201405-04.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2014 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: flash-plugin security update Advisory ID: RHSA-2014:0289-01 Product: Red Hat Enterprise Linux Supplementary Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-0289.html Issue date: 2014-03-12 CVE Names: CVE-2014-0503 CVE-2014-0504 ===================================================================== 1. Summary: An updated Adobe Flash Player package that fixes two security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64 3. Description: The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. These vulnerabilities are detailed in the Adobe Security bulletin APSB14-08, listed in the References section. (CVE-2014-0503) A vulnerability was reported that could be used to read the contents of the clipboard. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/site/articles/11258 5. Package List: Red Hat Enterprise Linux Desktop Supplementary (v. 5): i386: flash-plugin-11.2.202.346-1.el5.i386.rpm x86_64: flash-plugin-11.2.202.346-1.el5.i386.rpm Red Hat Enterprise Linux Server Supplementary (v. 5): i386: flash-plugin-11.2.202.346-1.el5.i386.rpm x86_64: flash-plugin-11.2.202.346-1.el5.i386.rpm Red Hat Enterprise Linux Desktop Supplementary (v. 6): i386: flash-plugin-11.2.202.346-1.el6.i686.rpm x86_64: flash-plugin-11.2.202.346-1.el6.i686.rpm Red Hat Enterprise Linux Server Supplementary (v. 6): i386: flash-plugin-11.2.202.346-1.el6.i686.rpm x86_64: flash-plugin-11.2.202.346-1.el6.i686.rpm Red Hat Enterprise Linux Workstation Supplementary (v. 6): i386: flash-plugin-11.2.202.346-1.el6.i686.rpm x86_64: flash-plugin-11.2.202.346-1.el6.i686.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2014-0503.html https://www.redhat.com/security/data/cve/CVE-2014-0504.html https://access.redhat.com/security/updates/classification/#moderate https://helpx.adobe.com/security/products/flash-player/apsb14-08.html 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2014 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFTIKnTXlSAg2UNWIIRAg/aAKCtaoCjpv2r5cXe4KVmdPVFeLAcdwCdHrIo 76ZW0zH9apL6Fc7u/Gx+QEc= =XmOy -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce

Trust: 2.16

sources: NVD: CVE-2014-0503 // JVNDB: JVNDB-2014-001615 // BID: 66122 // VULHUB: VHN-67996 // PACKETSTORM: 126479 // PACKETSTORM: 125667

AFFECTED PRODUCTS

vendor:adobemodel:flash playerscope:gteversion:11.0

Trust: 1.0

vendor:adobemodel:flash playerscope:ltversion:11.2.202.346

Trust: 1.0

vendor:adobemodel:flash playerscope:ltversion:12.0.0.77

Trust: 1.0

vendor:adobemodel:flash playerscope:gteversion:11.8

Trust: 1.0

vendor:adobemodel:flash playerscope:ltversion:11.7.700.272

Trust: 1.0

vendor:googlemodel:chromescope:ltversion:33.0.1750.149

Trust: 0.8

vendor:adobemodel:flash playerscope:ltversion:11.8.x from 12.0.x (windows 8.0 edition internet explorer 10)

Trust: 0.8

vendor:adobemodel:flash playerscope:eqversion:12.0.0.77

Trust: 0.8

vendor:adobemodel:flash playerscope:eqversion:machintosh version linux edition chrome)

Trust: 0.8

vendor:adobemodel:flash playerscope:eqversion:11.2.202.346

Trust: 0.8

vendor:adobemodel:flash playerscope:ltversion:11.8.x from 12.0.x (windows macintosh)

Trust: 0.8

vendor:adobemodel:flash playerscope:eqversion:11.7.700.272

Trust: 0.8

vendor:adobemodel:flash playerscope:ltversion:(linux)

Trust: 0.8

vendor:microsoftmodel:internet explorerscope:ltversion:)

Trust: 0.8

vendor:adobemodel:flash playerscope:ltversion:(windows macintosh)

Trust: 0.8

vendor:adobemodel:flash playerscope:ltversion:11.8.x from 12.0.x (windows 8.1 edition internet explorer 11)

Trust: 0.8

vendor:adobemodel:flash playerscope:ltversion:11.8.x from 12.0.x (windows edition

Trust: 0.8

vendor:microsoftmodel:internet explorerscope:eqversion:10 (windows 8/windows server 2012/windows rt : adobe flash player 12.0.0.77

Trust: 0.8

vendor:microsoftmodel:internet explorerscope:eqversion:11 (windows 8.1/windows server 2012 r2/windows rt 8.1 : adobe flash player 12.0.0.77

Trust: 0.8

vendor:adobemodel:flash playerscope:eqversion:11.1.102.62

Trust: 0.6

vendor:adobemodel:flash playerscope:eqversion:11.0.1.152

Trust: 0.6

vendor:adobemodel:flash playerscope:eqversion:11.1.102.63

Trust: 0.6

vendor:adobemodel:flash playerscope:eqversion:11.1.102.55

Trust: 0.6

vendor:adobemodel:flash playerscope:eqversion:11.7.700.252

Trust: 0.6

vendor:adobemodel:flash playerscope:eqversion:11.1.115.34

Trust: 0.6

vendor:adobemodel:flash playerscope:eqversion:11.0

Trust: 0.6

vendor:adobemodel:flash playerscope:eqversion:11.8.800.97

Trust: 0.6

vendor:adobemodel:flash playerscope:eqversion:11.7.700.260

Trust: 0.6

vendor:adobemodel:flash playerscope:eqversion:11.9.900.152

Trust: 0.6

vendor:susemodel:linux enterprise desktop sp3scope:eqversion:11

Trust: 0.3

vendor:s u s emodel:opensusescope:eqversion:12.3

Trust: 0.3

vendor:s u s emodel:opensusescope:eqversion:11.4

Trust: 0.3

vendor:redhatmodel:enterprise linux workstation supplementaryscope:eqversion:6

Trust: 0.3

vendor:redhatmodel:enterprise linux supplementary serverscope:eqversion:5

Trust: 0.3

vendor:redhatmodel:enterprise linux server supplementaryscope:eqversion:6

Trust: 0.3

vendor:redhatmodel:enterprise linux desktop supplementaryscope:eqversion:6

Trust: 0.3

vendor:redhatmodel:enterprise linux desktop supplementary clientscope:eqversion:5

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:33.0.1750.92

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:33.0.1750.90

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:33.0.1750.89

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:33.0.1750.85

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:33.0.1750.82

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:33.0.1750.80

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:33.0.1750.79

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:33.0.1750.76

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:33.0.1750.74

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:33.0.1750.71

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:33.0.1750.7

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:33.0.1750.68

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:33.0.1750.66

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:33.0.1750.64

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:33.0.1750.62

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:33.0.1750.60

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:33.0.1750.59

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:33.0.1750.57

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:33.0.1750.55

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:33.0.1750.53

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:33.0.1750.51

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:33.0.1750.5

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:33.0.1750.48

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:33.0.1750.46

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:33.0.1750.44

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:33.0.1750.42

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:33.0.1750.40

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:33.0.1750.39

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:33.0.1750.37

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:33.0.1750.35

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:33.0.1750.31

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:33.0.1750.3

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:33.0.1750.28

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:33.0.1750.26

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:33.0.1750.24

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:33.0.1750.22

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:33.0.1750.20

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:33.0.1750.19

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:33.0.1750.16

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:33.0.1750.146

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:33.0.1750.144

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:33.0.1750.14

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:33.0.1750.135

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:33.0.1750.132

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:33.0.1750.13

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:33.0.1750.125

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:33.0.1750.124

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:33.0.1750.117

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:33.0.1750.116

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:33.0.1750.113

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:33.0.1750.111

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:33.0.1750.11

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:33.0.1750.108

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:33.0.1750.106

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:33.0.1750.10

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:33.0.1750.0

Trust: 0.3

vendor:gentoomodel:linuxscope: - version: -

Trust: 0.3

vendor:adobemodel:flash player for windowsscope:eqversion:8.112.0.0.38

Trust: 0.3

vendor:adobemodel:flash player for windowsscope:eqversion:8.012.0.0.38

Trust: 0.3

vendor:adobemodel:flash player for windowsscope:eqversion:12.070

Trust: 0.3

vendor:adobemodel:flash player for windowsscope:eqversion:11.7.700169

Trust: 0.3

vendor:adobemodel:flash player for windowsscope:eqversion:12.0.0.44

Trust: 0.3

vendor:adobemodel:flash player for windowsscope:eqversion:12.0.0.43

Trust: 0.3

vendor:adobemodel:flash player for windowsscope:eqversion:12.0.0.41

Trust: 0.3

vendor:adobemodel:flash player for windowsscope:eqversion:11.9.900.170

Trust: 0.3

vendor:adobemodel:flash player for windowsscope:eqversion:11.7.700.269

Trust: 0.3

vendor:adobemodel:flash player for windowsscope:eqversion:11.6.602.180

Trust: 0.3

vendor:adobemodel:flash player for macintoshscope:eqversion:12.070

Trust: 0.3

vendor:adobemodel:flash player for macintoshscope:eqversion:12.0.0.44

Trust: 0.3

vendor:adobemodel:flash player for macintoshscope:eqversion:12.0.0.41

Trust: 0.3

vendor:adobemodel:flash player for macintoshscope:eqversion:12.0.0.38

Trust: 0.3

vendor:adobemodel:flash player for macintoshscope:eqversion:11.9.900.170

Trust: 0.3

vendor:adobemodel:flash player for macintoshscope:eqversion:11.7.700.269

Trust: 0.3

vendor:adobemodel:flash player for chromescope:eqversion:12.070

Trust: 0.3

vendor:adobemodel:flash player for chromescope:eqversion:11.7.700202

Trust: 0.3

vendor:adobemodel:flash player for chromescope:eqversion:11.7.700169

Trust: 0.3

vendor:adobemodel:flash player for chromescope:eqversion:12.0.0.44

Trust: 0.3

vendor:adobemodel:flash player for chromescope:eqversion:12.0.0.41

Trust: 0.3

vendor:adobemodel:flash player for chromescope:eqversion:11.6.602.180

Trust: 0.3

vendor:adobemodel:flash player for chromescope:eqversion:11.6.602.171

Trust: 0.3

vendor:adobemodel:flash player for chromescope:eqversion:11.5.31.5

Trust: 0.3

vendor:adobemodel:flash player for chromescope:eqversion:11.5.31.137

Trust: 0.3

vendor:adobemodel:flash player for chromescope:eqversion:11.4.402.287

Trust: 0.3

vendor:adobemodel:flash player for chromescope:eqversion:11.4.402.265

Trust: 0.3

vendor:adobemodel:flash player for chromescope:eqversion:11.3.31.331

Trust: 0.3

vendor:adobemodel:flash player for chromescope:eqversion:11.3.31.230

Trust: 0.3

vendor:adobemodel:flash player for chromescope:eqversion:11.3.31.110

Trust: 0.3

vendor:adobemodel:flash player for chromescope:eqversion:11.3.300.271

Trust: 0.3

vendor:googlemodel:chromescope:neversion:33.0.1750.149

Trust: 0.3

vendor:adobemodel:flash player for windowsscope:neversion:12.077

Trust: 0.3

vendor:adobemodel:flash player for windowsscope:neversion:11.7.700272

Trust: 0.3

vendor:adobemodel:flash player for macintoshscope:neversion:12.077

Trust: 0.3

vendor:adobemodel:flash player for macintoshscope:neversion:11.7.700272

Trust: 0.3

vendor:adobemodel:flash player for chromescope:neversion:12.077

Trust: 0.3

sources: BID: 66122 // JVNDB: JVNDB-2014-001615 // CNNVD: CNNVD-201403-233 // NVD: CVE-2014-0503

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2014-0503
value: MEDIUM

Trust: 1.0

NVD: CVE-2014-0503
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201403-233
value: MEDIUM

Trust: 0.6

VULHUB: VHN-67996
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2014-0503
severity: MEDIUM
baseScore: 6.4
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-67996
severity: MEDIUM
baseScore: 6.4
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-67996 // JVNDB: JVNDB-2014-001615 // CNNVD: CNNVD-201403-233 // NVD: CVE-2014-0503

PROBLEMTYPE DATA

problemtype:CWE-264

Trust: 1.9

sources: VULHUB: VHN-67996 // JVNDB: JVNDB-2014-001615 // NVD: CVE-2014-0503

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201403-233

TYPE

permissions and access control

Trust: 0.6

sources: CNNVD: CNNVD-201403-233

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2014-001615

PATCH
title:APSB14-08url:http://helpx.adobe.com/security/products/flash-player/apsb14-08.html
Trust: 0.8
title:APSB14-08url:http://helpx.adobe.com/jp/security/products/flash-player/apsb14-08.html
Trust: 0.8
title:Google Chromeurl:http://www.google.co.jp/chrome/intl/ja/landing_ff_yt.html?hl=ja&hl=ja
Trust: 0.8
title:Stable Channel Updateurl:http://googlechromereleases.blogspot.jp/2014/03/stable-channel-update_11.html
Trust: 0.8
title:Update for Vulnerabilities in Adobe Flash Player in Internet Explorer (2755801)url:http://technet.microsoft.com/en-us/security/advisory/2755801
Trust: 0.8
title:RHSA-2014:0289url:http://rhn.redhat.com/errata/RHSA-2014-0289.html
Trust: 0.8
title:Internet Explorer 上の Adobe Flash Player の脆弱性に対応する更新プログラム (2755801)url:http://technet.microsoft.com/ja-jp/security/advisory/2755801
Trust: 0.8
title:アドビ システムズ社 Adobe Flash Player の脆弱性に関するお知らせurl:http://www.fmworld.net/biz/common/adobe/20140313f.html
Trust: 0.8
title:install_flash_player_11_linux.x86_64url:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=48503
Trust: 0.6
title:install_flash_player_osxurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=48502
Trust: 0.6
title:install_flashplayer12x32_gtbd_chrd_dn_aaa_aihurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=48501
Trust: 0.6
title:fp_11.7.700.272_archiveurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=48500
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2014-001615 // 
            
            
            
            CNNVD: CNNVD-201403-233

EXTERNAL IDS
db:NVDid:CVE-2014-0503
Trust: 3.0
db:JVNDBid:JVNDB-2014-001615
Trust: 0.8
db:CNNVDid:CNNVD-201403-233
Trust: 0.7
db:SECUNIAid:57164
Trust: 0.6
db:SECUNIAid:57271
Trust: 0.6
db:SECUNIAid:57341
Trust: 0.6
db:BIDid:66122
Trust: 0.4
db:PACKETSTORMid:125667
Trust: 0.2
db:VULHUBid:VHN-67996
Trust: 0.1
db:PACKETSTORMid:126479
Trust: 0.1
sources:
            
            
            VULHUB: VHN-67996 // 
            
            
            
            BID: 66122 // 
            
            
            
            JVNDB: JVNDB-2014-001615 // 
            
            
            
            PACKETSTORM: 126479 // 
            
            
            
            PACKETSTORM: 125667 // 
            
            
            
            CNNVD: CNNVD-201403-233 // 
            
            
            
            NVD: CVE-2014-0503

REFERENCES
url:http://helpx.adobe.com/security/products/flash-player/apsb14-08.html
Trust: 2.1
url:http://security.gentoo.org/glsa/glsa-201405-04.xml
Trust: 1.2
url:http://rhn.redhat.com/errata/rhsa-2014-0289.html
Trust: 1.2
url:http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00014.html
Trust: 1.1
url:http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00013.html
Trust: 1.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0503
Trust: 0.8
url:http://www.ipa.go.jp/security/ciadr/vul/20140312-adobeflashplayer.html
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-0503
Trust: 0.8
url:http://www.npa.go.jp/cyberpolice/topics/?seq=13266
Trust: 0.8
url:http://secunia.com/advisories/57164
Trust: 0.6
url:http://secunia.com/advisories/57271
Trust: 0.6
url:http://secunia.com/advisories/57341
Trust: 0.6
url:http://www.adobe.com
Trust: 0.3
url:http://googlechromereleases.blogspot.com/2014/03/stable-channel-update_11.html
Trust: 0.3
url:https://nvd.nist.gov/vuln/detail/cve-2014-0504
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2014-0503
Trust: 0.2
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0515
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2014-0502
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2014-0508
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2014-0499
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0506
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0503
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0502
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0507
Trust: 0.1
url:http://creativecommons.org/licenses/by-sa/2.5
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0504
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0499
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0508
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2014-0515
Trust: 0.1
url:http://security.gentoo.org/
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0498
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2014-0507
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2014-0509
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2014-0498
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2014-0506
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0509
Trust: 0.1
url:https://bugs.gentoo.org.
Trust: 0.1
url:https://www.redhat.com/mailman/listinfo/rhsa-announce
Trust: 0.1
url:https://access.redhat.com/security/team/key/#package
Trust: 0.1
url:https://access.redhat.com/site/articles/11258
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2014-0503.html
Trust: 0.1
url:https://access.redhat.com/security/updates/classification/#moderate
Trust: 0.1
url:https://bugzilla.redhat.com/):
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2014-0504.html
Trust: 0.1
url:https://access.redhat.com/security/team/contact/
Trust: 0.1
sources:
            
            
            VULHUB: VHN-67996 // 
            
            
            
            BID: 66122 // 
            
            
            
            JVNDB: JVNDB-2014-001615 // 
            
            
            
            PACKETSTORM: 126479 // 
            
            
            
            PACKETSTORM: 125667 // 
            
            
            
            CNNVD: CNNVD-201403-233 // 
            
            
            
            NVD: CVE-2014-0503

CREDITS
Masato Kinugawa
Trust: 0.3
sources:
            
            
            BID: 66122

SOURCES
db:VULHUBid:VHN-67996
db:BIDid:66122
db:JVNDBid:JVNDB-2014-001615
db:PACKETSTORMid:126479
db:PACKETSTORMid:125667
db:CNNVDid:CNNVD-201403-233
db:NVDid:CVE-2014-0503

LAST UPDATE DATE
2025-04-13T22:22:10.755000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-67996date:2018-12-13T00:00:00
db:BIDid:66122date:2015-03-19T08:30:00
db:JVNDBid:JVNDB-2014-001615date:2014-04-07T00:00:00
db:CNNVDid:CNNVD-201403-233date:2014-03-17T00:00:00
db:NVDid:CVE-2014-0503date:2025-04-12T10:46:40.837

SOURCES RELEASE DATE
db:VULHUBid:VHN-67996date:2014-03-12T00:00:00
db:BIDid:66122date:2014-03-11T00:00:00
db:JVNDBid:JVNDB-2014-001615date:2014-03-13T00:00:00
db:PACKETSTORMid:126479date:2014-05-05T17:15:13
db:PACKETSTORMid:125667date:2014-03-12T21:14:23
db:CNNVDid:CNNVD-201403-233date:2014-03-17T00:00:00
db:NVDid:CVE-2014-0503date:2014-03-12T05:15:20.163