CVE-2014-0501
critical
CVSS v3
โ
CVSS v4 NEW
โ
VIR risk
10.0
Description
Adobe Shockwave Player before 12.0.9.149 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0500.
Predictions
Exploit likelihood
20%
Patch ETA
โ
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
No mitigations published for this CVE yet.
The vendor-content worker queues fetches as references arrive (check back in a few minutes). Or โ if you've already worked around this in production โ publish your fix to the community-verified tier.
โ Propose a mitigation on Community โ Mitigations published via the community go through AI scoring + 2 human reviewers + 7-day silent objection window before landing here withsource_tier=community-verified.
Application impact
| Vendor | Product | Versions | Fixed |
|---|---|---|---|
| adobe | shockwave_player | {"endIncluding":"12.0.7.148"} | |
| adobe | shockwave_player | 11.0.0.456 | |
| adobe | shockwave_player | 11.0.3.471 | |
| adobe | shockwave_player | 11.5.0.595 | |
| adobe | shockwave_player | 11.5.0.596 | |
| adobe | shockwave_player | 11.5.1.601 | |
| adobe | shockwave_player | 11.5.2.602 | |
| adobe | shockwave_player | 11.5.6.606 | |
| adobe | shockwave_player | 11.5.7.609 | |
| adobe | shockwave_player | 11.5.8.612 | |
| adobe | shockwave_player | 11.5.9.615 | |
| adobe | shockwave_player | 11.5.9.620 | |
| adobe | shockwave_player | 11.5.10.620 | |
| adobe | shockwave_player | 11.6.0.626 | |
| adobe | shockwave_player | 11.6.1.629 | |
| adobe | shockwave_player | 11.6.3.633 | |
| adobe | shockwave_player | 11.6.4.634 | |
| adobe | shockwave_player | 11.6.5.635 | |
| adobe | shockwave_player | 11.6.6.636 | |
| adobe | shockwave_player | 11.6.7.637 | |
| adobe | shockwave_player | 11.6.8.638 | |
| adobe | shockwave_player | 12.0.0.112 | |
| adobe | shockwave_player | 12.0.2.122 | |
| adobe | shockwave_player | 12.0.3.133 | |
| adobe | shockwave_player | 12.0.4.144 | |
| adobe | shockwave_player | 12.0.6.147 | |
References
- http://helpx.adobe.com/security/products/shockwave/apsb14-06.html
- http://osvdb.org/103158
- http://secunia.com/advisories/56740
- http://www.securityfocus.com/bid/65493
- http://www.securitytracker.com/id/1029740
- https://exchange.xforce.ibmcloud.com/vulnerabilities/91008
- http://helpx.adobe.com/security/products/shockwave/apsb14-06.html
- http://osvdb.org/103158
- http://secunia.com/advisories/56740
- http://www.securityfocus.com/bid/65493
- http://www.securitytracker.com/id/1029740
- https://exchange.xforce.ibmcloud.com/vulnerabilities/91008
CWEs
CWE-119
Community-verified mitigations for this CVE will appear above when contributors publish them.
Verify integrity in audit chain (admin only). AS-IS.