Adobe Flash Player/AIR Information Leak Vulnerability (CVE-2014-8437)

Adobe Flash Player/AIR Information Leak Vulnerability (CVE-2014-8437)

Release date:
Updated on:

Affected Systems:
Adobe Flash Player 15.x
Adobe Flash Player 14.x
Adobe Flash Player 13.x
Adobe Flash Player 11.x
Description:
Bugtraq id: 71036
CVE (CAN) ID: CVE-2014-8437

Adobe Flash Player is an integrated multimedia Player. Adobe AIR is a technology developed based on the combination of network and desktop applications. It can control cloud programs on the network without having to use a browser.

Adobe Flash Player versions earlier than 13.0.0.252, 15.0.0.223 (Windows/OS X), 11.2.202.418 (Linux), Adobe AIR 15.0.0.356, and Adobe AIR SDK 15.0.0.356, adobe air sdk & Compiler 15.0.0.356 and earlier versions have a security vulnerability. Attackers can exploit this vulnerability to obtain sensitive information.

<* Source: anonymous

Link: http://helpx.adobe.com/security/products/flash-player/apsb14-24.html
*>

Suggestion:
Vendor patch:

Adobe
-----
Adobe has released a Security Bulletin (apsb14-24) and patches for this:
Apsb14-24: Security updates available for Adobe Flash Player
Link: http://helpx.adobe.com/security/products/flash-player/apsb14-24.html

This article permanently updates the link address: