Adobe Flash Player Remote Code Execution Vulnerability (CVE-2014-0536)

  Severity: CRITICAL
  Advisory Date: JUN 04, 2014

  DESCRIPTION

Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows and before 11.2.202.378 on Linux allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

  TREND MICRO PROTECTION INFORMATION

Vulnerability Protection in Trend Micro Deep Security protects user systems from threats that may leverage this vulnerability with the following DPI rule:

  • 1006111 - Adobe Flash Player Remote Code Execution Vulnerability (CVE-2014-0536)

  SOLUTION

  AFFECTED SOFTWARE AND VERSION

  • Adobe Flash Player 13.0.0.214 and earlier versions for Windows and Macintosh
  • Adobe Flash Player 11.2.202.359 and earlier versions for Linux
  • Adobe AIR 13.0.0.111 SDK and earlier versions
  • Adobe AIR 13.0.0.111 SDK & Compiler and earlier versions
  • Adobe AIR 13.0.0.111 and earlier versions for Android
  • Adobe AIR 13.0.0.111 and earlier versions for Windows and Macintosh