What is CVE-2014-0558?

CVE-2014-0558 is a vulnerability in Adobe Adobe_air, classified under Code Injection. Published 2014-10-15.

Is CVE-2014-0558 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

RCE in Adobe Adobe_air

CVE-2014-0558

Adobe Flash Player before 13.0.0.250 and 14.x and 15.x before 15.0.0.189 on Windows and OS X and before 11.2.202.411 on Linux, Adobe AIR before 15.0.0.293, Adobe AIR SDK before 15.0.0.302, and Adobe AIR SDK & Compiler before 15.0.0.302 all…

Vulnerability class: RCE (Remote Code Execution)

EPSS: 0.121 (93.9th percentile) — read the EPSS interpretation.

Affected products

Adobe Adobe_air — versions 13.0.0.83, 13.0.0.111, 14.0.0.110
Adobe Adobe_air_sdk — versions 13.0.0.83, 13.0.0.111, 14.0.0.110
Adobe Flash_player — versions 13.0.0.182, 13.0.0.201, 13.0.0.206
Apple Mac_os_x
Linux Linux_kernel
Microsoft Windows
N/a — versions n/a

Weakness classification (CWE)

CWE-94 — Code Injection

Public proof-of-concept exploits

ARPSyndicate/cve-scores

References

openSUSE-SU-2014:1329 (vendor-advisory, x_refsource_SUSE)
61980 (x_refsource_SECUNIA, third-party-advisory)
SUSE-SU-2014:1360 (vendor-advisory, x_refsource_SUSE)
RHSA-2014:1648 (x_refsource_REDHAT, vendor-advisory)
1031019 (vdb-entry, x_refsource_SECTRACK)
psirt@adobe.com (x_refsource_CONFIRM, Patch, Vendor Advisory)
openSUSE-SU-2015:0725 (vendor-advisory, x_refsource_SUSE)

Frequently asked questions

What is CVE-2014-0558?: CVE-2014-0558 is a vulnerability in Adobe Adobe_air, classified under Code Injection. Published 2014-10-15.
Is CVE-2014-0558 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.