Adobe Flash Player Stack Buffer Overflow Vulnerability (CVE-2014-9163) (apsb14-27)
Release date:
Updated on:
Affected Systems:
Adobe Flash Player <= 15.0.0.239
Description:
Bugtraq id: 71582
CVE (CAN) ID: CVE-2014-9163
Adobe Flash Player is an integrated multimedia Player.
Adobe Flash Player has a security vulnerability when calling parseFloat for a data type. Attackers can exploit this vulnerability to cause stack buffer overflow and execute arbitrary code in the context of the current process.
<* Source: Bilou
Link: http://zerodayinitiative.com/advisories/ZDI-14-417/
Https://helpx.adobe.com/security/products/flash-player/apsb14-27.html
*>
Suggestion:
Vendor patch:
Adobe
-----
Adobe has released a Security Bulletin (apsb14-27) and patches for this:
Apsb14-27: Security updates available for Adobe Flash Player
Link: https://helpx.adobe.com/security/products/flash-player/apsb14-27.html
Patch download: http://www.adobe.com/go/getflash
This article permanently updates the link address: