Adobe Flash Player Integer Underflow Vulnerablity
Adobe — Flash Player
- Added to KEV catalog
- 17 September 2024
- Federal remediation due date
- 8 October 2024
- Weakness classification (CWE)
- CWE-191
CISA Description
Adobe Flash Player contains an integer underflow vulnerability that allows a remote attacker to execute arbitrary code.
Required action
The impacted product is end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue utilization of the product.
Notes
https://www.adobe.com/products/flashplayer/end-of-life-alternative.html#eol-alternative-faq ; https://nvd.nist.gov/vuln/detail/CVE-2014-0497
More Adobe Vulnerabilities
Adobe ColdFusion Path Traversal Vulnerability
Adobe Acrobat and Reader Heap-Based Buffer Overflow Vulnerability
Adobe Acrobat and Reader Prototype Pollution Vulnerability
Adobe Acrobat Use-After-Free Vulnerability
Adobe Commerce and Magento Improper Input Validation Vulnerability
Is this vulnerability present in your environment?
CRS delivers independent VAPT assessments that identify exactly which known-exploited vulnerabilities exist in your network, applications, and infrastructure.
Explore VAPT Services