Adobe Flash Player Stack-Based Buffer Overflow Vulnerability (CVE-2014-9163)

  Severity: CRITICAL
  CVE Identifier: CVE-2014-9163
  Advisory Date: DEC 10, 2014

  DESCRIPTION

Stack-based buffer overflow in Adobe Flash Player before 13.0.0.259 and 14.x and 15.x before 15.0.0.246 on Windows and OS X and before 11.2.202.425 on Linux allows attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in December 2014.

  SOLUTION

  AFFECTED SOFTWARE AND VERSION

  • Adobe Flash Player 15.0.0.242 and earlier versions
  • Adobe Flash Player 13.0.0.258 and earlier 13.x versions
  • Adobe Flash Player 11.2.202.424 and earlier versions for Linux