Adobe Flash Player Remote Code Execution Vulnerability (CVE-2014-8439)

  Severity: CRITICAL
  CVE Identifier: CVE-2014-8439,APSB14-26,APSB14-22
  Advisory Date: NOV 25, 2014

  DESCRIPTION

Adobe Flash Player is prone to an unspecified remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition.

  TREND MICRO PROTECTION INFORMATION

Apply associated Trend Micro DPI Rules.

  SOLUTION

  PATCH: http://helpx.adobe.com/security/products/flash-player/apsb14-26.html

  Trend Micro Deep Security DPI Rule Number: 1006377
  Trend Micro Deep Security DPI Rule Name: 1006377 - Adobe Flash Player Remote Code Execution Vulnerability (CVE-2014-8439)

  AFFECTED SOFTWARE AND VERSION

  • Adobe Flash Player 15.0.0.223 and earlier versions
  • Adobe Flash Player 13.0.0.252 and earlier 13.x versions
  • Adobe Flash Player 11.2.202.418 and earlier versions for Linux
  • adobe air 15.0.0.292
  • adobe air_sdk 15.0.0.301
  • adobe air_sdk_and_compiler 15.0.0.301
  • adobe flash_player 11.2.202.423
  • adobe flash_player 13.0.0.257
  • adobe flash_player 14.0.0.179
  • adobe flash_player 15.0.0.238
  • apple mac_os_x

Featured Stories