VIR Vulnerability Intelligence Relay

CVE-2014-0543

critical
Published 2014-08-12 · Modified 2026-05-06
CVSS v3
CVSS v2
10.0
VIR risk
10.0

Description

Adobe Flash Player before 13.0.0.241 and 14.x before 14.0.0.176 on Windows and OS X and before 11.2.202.400 on Linux, Adobe AIR before 14.0.0.178 on Windows and OS X and before 14.0.0.179 on Android, Adobe AIR SDK before 14.0.0.178, and Adobe AIR SDK & Compiler before 14.0.0.178 do not properly restrict discovery of memory addresses, which allows attackers to bypass the ASLR protection mechanism via unspecified vectors, a different vulnerability than CVE-2014-0540, CVE-2014-0542, CVE-2014-0544, and CVE-2014-0545.

Predictions

Exploit likelihood
20%
Patch ETA

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: psirt@adobe.com — http://helpx.adobe.com/security/products/flash-player/apsb14-18.html

OS impact
OSVersionStatusFixed in
macos macosnot-affected
linux linux-kernelnot-affected

Application impact
VendorProductVersionsFixed
adobeflash_player{"endIncluding":"13.0.0.231"}
adobeflash_player13.0.0.182
adobeflash_player13.0.0.201
adobeflash_player13.0.0.206
adobeflash_player13.0.0.214
adobeflash_player13.0.0.223
adobeflash_player14.0.0.125
adobeflash_player14.0.0.145
adobeflash_player11.2.202.223
adobeflash_player11.2.202.228
adobeflash_player11.2.202.233
adobeflash_player11.2.202.235
adobeflash_player11.2.202.236
adobeflash_player11.2.202.238
adobeflash_player11.2.202.243
adobeflash_player11.2.202.251
adobeflash_player11.2.202.258
adobeflash_player11.2.202.261
adobeflash_player11.2.202.262
adobeflash_player11.2.202.270
adobeflash_player11.2.202.273
adobeflash_player11.2.202.275
adobeflash_player11.2.202.280
adobeflash_player11.2.202.285
adobeflash_player11.2.202.291
adobeflash_player11.2.202.297
adobeflash_player11.2.202.310
adobeflash_player11.2.202.332
adobeflash_player11.2.202.335
adobeflash_player11.2.202.336
adobeflash_player11.2.202.341
adobeflash_player11.2.202.346
adobeflash_player11.2.202.350
adobeflash_player11.2.202.356
adobeflash_player11.2.202.359
adobeflash_player11.2.202.378
adobeadobe_air_sdk{"endIncluding":"14.0.0.137"}
adobeadobe_air_sdk13.0.0.83
adobeadobe_air_sdk13.0.0.111
adobeadobe_air_sdk14.0.0.110
adobeadobe_air{"endIncluding":"14.0.0.110"}
adobeadobe_air13.0.0.83
adobeadobe_air13.0.0.111
adobeadobe_air14.0.0.110

References

CWEs

CWE-264

Verify integrity in audit chain (admin only). AS-IS.