CVE-2014-0497

Integer underflow in Adobe Flash Player before 11.7.700.261 and 11.8.x through 12.0.x before 12.0.0.44 on Windows and Mac OS X, and before 11.2.202.336 on Linux, allows remote attackers to execute arbitrary code via unspecified vectors.

Published: Feb 5, 2014
Updated: Nov 9, 2025
CVE: CVE-2014-0497
Severity: Critical
Exploit:

CVSS v3:

Severity: Critical
Score: 9.8
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

Severity: High
Score: 10
AV:N/AC:L/Au:N/C:C/I:C/A:C

CWEs:

Affected Software
References

Software	From	Fixed in
adobe / flash_player	-	11.2.202.336
adobe / flash_player	-	11.7.700.261
adobe / flash_player	11.8.800.94	12.0.0.44
google / chrome	-	32.0.1700.107
redhat / enterprise_linux_desktop	5.0	5.0.x
redhat / enterprise_linux_desktop	6.0	6.0.x
redhat / enterprise_linux_eus	6.5	6.5.x
redhat / enterprise_linux_server	5.0	5.0.x
redhat / enterprise_linux_server	6.0	6.0.x
redhat / enterprise_linux_server_aus	6.5	6.5.x
redhat / enterprise_linux_workstation	5.0	5.0.x
redhat / enterprise_linux_workstation	6.0	6.0.x
opensuse / opensuse	11.4	11.4.x
opensuse / opensuse	12.3	12.3.x
opensuse / opensuse	13.1	13.1.x
suse / linux_enterprise_desktop	11-sp2	11-sp2.x
suse / linux_enterprise_desktop	11-sp3	11-sp3.x

Vulnerability Database

300,445

CVE-2014-0497

Deep Security Visibility Without the Complexity