MGASA-2014-0091

See a problem?
Please try reporting it to the source first.
Source
https://advisories.mageia.org/MGASA-2014-0091.html
Import Source
https://advisories.mageia.org/MGASA-2014-0091.json
JSON Data
https://api.osv.dev/v1/vulns/MGASA-2014-0091
Upstream
  • CVE-2014-0498
  • CVE-2014-0499
  • CVE-2014-0502
Published
2014-02-21T18:20:39Z
Modified
2026-04-16T06:26:10.896761950Z
Summary
Updated flash-player-plugin package fixes security vulnerabilities
Details

Adobe Flash Player 11.2.202.341 contains fixes to critical security vulnerabilities found in earlier versions that could cause a crash and potentially allow an attacker to remotely take control of the affected system.

This update resolves a stack overflow vulnerability that could result in arbitrary code execution (CVE-2014-0498).

This update resolves a memory leak vulnerability that could be used to defeat memory address layout randomization (CVE-2014-0499).

This update resolves a double free vulnerability that could result in arbitrary code execution (CVE-2014-0502).

Adobe is aware of reports that CVE-2014-0502 is being exploited in the wild.

References
Credits

Affected packages

Mageia:3 / flash-player-plugin

Package

Name
flash-player-plugin
Purl
pkg:rpm/mageia/flash-player-plugin?arch=source&distro=mageia-3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
11.2.202.341-1.mga3.nonfree

Ecosystem specific 

{
    "section": "nonfree"
}

Database specific

source 
"https://advisories.mageia.org/MGASA-2014-0091.json"

Mageia:4 / flash-player-plugin

Package

Name
flash-player-plugin
Purl
pkg:rpm/mageia/flash-player-plugin?arch=source&distro=mageia-4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
11.2.202.341-1.mga4.nonfree

Ecosystem specific 

{
    "section": "nonfree"
}

Database specific

source 
"https://advisories.mageia.org/MGASA-2014-0091.json"