CVE-2014-0507

critical

Published 2014-04-08 · Modified 2026-05-06

CVSS v3

—

CVSS v2

9.3

VIR risk

9.3

Description

Buffer overflow in Adobe Flash Player before 11.7.700.275 and 11.8.x through 13.0.x before 13.0.0.182 on Windows and OS X and before 11.2.202.350 on Linux, Adobe AIR before 13.0.0.83 on Android, Adobe AIR SDK before 13.0.0.83, and Adobe AIR SDK & Compiler before 13.0.0.83 allows attackers to execute arbitrary code via unspecified vectors.

Predictions

Exploit likelihood

20%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: psirt@adobe.com — http://helpx.adobe.com/security/products/flash-player/apsb14-09.html

OS impact

OS	Version	Status	Fixed in
linux-kernel		not-affected
macos		not-affected

Application impact

Vendor	Product	Versions
adobe	flash_player	`11.0`
adobe	flash_player	`11.0.1.152`
adobe	flash_player	`11.0.1.153`
adobe	flash_player	`11.1`
adobe	flash_player	`11.1.102.55`
adobe	flash_player	`11.1.102.59`
adobe	flash_player	`11.1.102.62`
adobe	flash_player	`11.1.102.63`
adobe	flash_player	`11.1.111.8`
adobe	flash_player	`11.1.111.44`
adobe	flash_player	`11.1.111.50`
adobe	flash_player	`11.1.111.54`
adobe	flash_player	`11.1.115.7`
adobe	flash_player	`11.1.115.34`
adobe	flash_player	`11.1.115.48`
adobe	flash_player	`11.1.115.54`
adobe	flash_player	`11.1.115.58`
adobe	flash_player	`11.2.202.223`
adobe	flash_player	`11.2.202.228`
adobe	flash_player	`11.2.202.233`
adobe	flash_player	`11.2.202.235`
adobe	flash_player	`11.2.202.236`
adobe	flash_player	`11.2.202.238`
adobe	flash_player	`11.2.202.243`
adobe	flash_player	`11.2.202.251`
adobe	flash_player	`11.2.202.258`
adobe	flash_player	`11.2.202.261`
adobe	flash_player	`11.2.202.262`
adobe	flash_player	`11.2.202.270`
adobe	flash_player	`11.2.202.273`
adobe	flash_player	`11.2.202.275`
adobe	flash_player	`11.2.202.280`
adobe	flash_player	`11.2.202.285`
adobe	flash_player	`11.3.300.257`
adobe	flash_player	`11.3.300.262`
adobe	flash_player	`11.3.300.265`
adobe	flash_player	`11.3.300.268`
adobe	flash_player	`11.3.300.270`
adobe	flash_player	`11.3.300.271`
adobe	flash_player	`11.3.300.273`
adobe	flash_player	`11.4.402.265`
adobe	flash_player	`11.4.402.278`
adobe	flash_player	`11.4.402.287`
adobe	flash_player	`11.5.502.110`
adobe	flash_player	`11.5.502.135`
adobe	flash_player	`11.5.502.136`
adobe	flash_player	`11.5.502.146`
adobe	flash_player	`11.5.502.149`
adobe	flash_player	`11.6.602.167`
adobe	flash_player	`11.6.602.168`
adobe	flash_player	`11.6.602.171`
adobe	flash_player	`11.6.602.180`
adobe	flash_player	`11.7.700.169`
adobe	flash_player	`11.7.700.202`
adobe	flash_player	`11.7.700.224`
adobe	flash_player	`11.7.700.232`
adobe	flash_player	`11.7.700.242`
adobe	flash_player	`11.7.700.252`
adobe	flash_player	`11.7.700.257`
adobe	flash_player	`11.7.700.260`
adobe	flash_player	`11.8.800.94`
adobe	flash_player	`11.8.800.97`
adobe	flash_player	`11.8.800.168`
adobe	flash_player	`11.9.900.117`
adobe	flash_player	`11.9.900.152`
adobe	flash_player	`11.9.900.170`
adobe	flash_player	`12.0.0.38`
adobe	flash_player	`12.0.0.41`
adobe	flash_player	`12.0.0.43`
adobe	flash_player	`{"endIncluding":"11.2.202.346"}`
adobe	flash_player	`11.2.202.291`
adobe	flash_player	`11.2.202.297`
adobe	flash_player	`11.2.202.310`
adobe	flash_player	`11.2.202.327`
adobe	flash_player	`11.2.202.332`
adobe	flash_player	`11.2.202.335`
adobe	flash_player	`11.2.202.336`
adobe	flash_player	`11.2.202.341`
adobe	adobe_air_sdk	`{"endIncluding":"4.0.0.1628"}`
adobe	adobe_air_sdk	`3.0.0.4080`
adobe	adobe_air_sdk	`3.1.0.488`
adobe	adobe_air_sdk	`3.2.0.2070`
adobe	adobe_air_sdk	`3.3.0.3650`
adobe	adobe_air_sdk	`3.3.0.3690`
adobe	adobe_air_sdk	`3.4.0.2540`
adobe	adobe_air_sdk	`3.4.0.2710`
adobe	adobe_air_sdk	`3.5.0.600`
adobe	adobe_air_sdk	`3.5.0.880`
adobe	adobe_air_sdk	`3.5.0.890`
adobe	adobe_air_sdk	`3.5.0.1060`
adobe	adobe_air_sdk	`3.6.0.599`
adobe	adobe_air_sdk	`3.6.0.6090`
adobe	adobe_air_sdk	`3.7.0.1530`
adobe	adobe_air_sdk	`3.7.0.1860`
adobe	adobe_air_sdk	`3.7.0.2090`
adobe	adobe_air_sdk	`3.8.0.870`
adobe	adobe_air_sdk	`3.8.0.910`
adobe	adobe_air_sdk	`3.8.0.1430`
adobe	adobe_air_sdk	`3.9.0.1030`
adobe	adobe_air_sdk	`3.9.0.1210`
adobe	adobe_air_sdk	`3.9.0.1380`
adobe	adobe_air_sdk	`4.0.0.1390`
adobe	adobe_air	`{"endIncluding":"4.0.0.1390"}`
adobe	adobe_air	`1.0`
adobe	adobe_air	`1.0.1`
adobe	adobe_air	`1.0.8.4990`
adobe	adobe_air	`1.0.4990`
adobe	adobe_air	`1.1`
adobe	adobe_air	`1.1.0.5790`
adobe	adobe_air	`1.5`
adobe	adobe_air	`1.5.0.7220`
adobe	adobe_air	`1.5.1`
adobe	adobe_air	`1.5.1.8210`
adobe	adobe_air	`1.5.2`
adobe	adobe_air	`1.5.3`
adobe	adobe_air	`1.5.3.9120`
adobe	adobe_air	`1.5.3.9130`
adobe	adobe_air	`2.0.2`
adobe	adobe_air	`2.0.2.12610`
adobe	adobe_air	`2.0.3`
adobe	adobe_air	`2.0.3.13070`
adobe	adobe_air	`2.0.4`
adobe	adobe_air	`2.5.0.16600`
adobe	adobe_air	`2.5.1.17730`
adobe	adobe_air	`2.6`
adobe	adobe_air	`2.6.0.19120`
adobe	adobe_air	`2.6.0.19140`
adobe	adobe_air	`2.7`
adobe	adobe_air	`2.7.0.1948`
adobe	adobe_air	`2.7.0.1953`
adobe	adobe_air	`2.7.0.19480`
adobe	adobe_air	`2.7.0.19530`
adobe	adobe_air	`2.7.1`
adobe	adobe_air	`2.7.1.19610`
adobe	adobe_air	`3.0.0.408`
adobe	adobe_air	`3.0.0.4080`
adobe	adobe_air	`3.1.0.485`
adobe	adobe_air	`3.1.0.488`
adobe	adobe_air	`3.1.0.4880`
adobe	adobe_air	`3.2.0.207`
adobe	adobe_air	`3.2.0.2070`
adobe	adobe_air	`3.3.0.3670`
adobe	adobe_air	`3.4.0.2540`
adobe	adobe_air	`3.4.0.2710`
adobe	adobe_air	`3.5.0.600`
adobe	adobe_air	`3.5.0.880`
adobe	adobe_air	`3.5.0.890`
adobe	adobe_air	`3.5.0.1060`
adobe	adobe_air	`3.6.0.597`
adobe	adobe_air	`3.6.0.6090`
adobe	adobe_air	`3.7.0.1530`
adobe	adobe_air	`3.7.0.1860`
adobe	adobe_air	`3.7.0.2090`
adobe	adobe_air	`3.8.0.870`
adobe	adobe_air	`3.8.0.910`
adobe	adobe_air	`3.9.0.1030`
adobe	adobe_air	`3.9.0.1060`
adobe	adobe_air	`3.9.0.1210`
adobe	adobe_air	`3.9.0.1380`

References

CWEs

CWE-119

Verify integrity in audit chain (admin only). AS-IS.