HTTP: Adobe Flash Player CVE-2014-0558 Remote Code Execution
This signature detects an attempt to exploit a known vulnerability against Adobe Flash Player while processing a malformed flash document. Successful exploitation could allow an attacker to bypass memory protection and perform ASLR to defeat the code execution protection mechanisms.
Extended Description
Adobe Flash Player before 13.0.0.250 and 14.x and 15.x before 15.0.0.189 on Windows and OS X and before 11.2.202.411 on Linux, Adobe AIR before 15.0.0.293, Adobe AIR SDK before 15.0.0.302, and Adobe AIR SDK & Compiler before 15.0.0.302 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0564.
Affected Products
Adobe adobe_air_sdk
References
CVE: CVE-2014-0558
Short Name
HTTP:STC:ADOBE:CVE-2014-0558-CE
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
Adobe CVE-2014-0558 Code Execution Flash Player Remote
Release Date
11/10/2014
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3761
False Positive
Unknown
Vendors
Adobe
CVSS Score
10.0