Integer overflow in Adobe Flash Player before 13.0.0.250 and 14.x and 15.x before 15.0.0.189 on Windows and OS X and before 11.2.202.411 on Linux, Adobe AIR before 15.0.0.293, Adobe AIR SDK before 15.0.0.302, and Adobe AIR SDK & Compiler before 15.0.0.302 allows attackers to execute arbitrary code via unspecified vectors.
The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.
| Link | Tags |
|---|---|
| http://lists.opensuse.org/opensuse-updates/2014-10/msg00033.html | third party advisory vendor advisory |
| http://www.securityfocus.com/bid/70441 | vdb entry third party advisory |
| http://secunia.com/advisories/61980 | third party advisory |
| http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00002.html | mailing list third party advisory vendor advisory |
| http://rhn.redhat.com/errata/RHSA-2014-1648.html | vendor advisory broken link |
| http://www.securitytracker.com/id/1031019 | vdb entry third party advisory |
| http://www.zerodayinitiative.com/advisories/ZDI-14-365/ | vdb entry third party advisory |
| http://helpx.adobe.com/security/products/flash-player/apsb14-22.html | patch vendor advisory |
| http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00013.html | mailing list third party advisory vendor advisory |