{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-03T07:29:39.661","vulnerabilities":[{"cve":{"id":"CVE-2014-0502","sourceIdentifier":"psirt@adobe.com","published":"2014-02-21T05:07:00.017","lastModified":"2026-04-21T21:11:58.067","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Double free vulnerability in Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x before 12.0.0.70 on Windows and Mac OS X and before 11.2.202.341 on Linux, Adobe AIR before 4.0.0.1628 on Android, Adobe AIR SDK before 4.0.0.1628, and Adobe AIR SDK & Compiler before 4.0.0.1628 allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in February 2014."},{"lang":"es","value":"Vulnerabilidad de doble liberación en Adobe Flash Player anterior a 11.7.700.269 y 11.8.x hasta 12.0.x anterior a 12.0.0.70 en Windows y Mac OS X y anterior a 11.2.202.341 en Linux, Adobe AIR anterior a 4.0.0.1628 en Android, Adobe AIR SDK anterior a 4.0.0.1628 y Adobe AIR SDK & Compiler anterior a 4.0.0.1628 permite a atacantes remotos ejecutar código arbitrario a través de vectores no especificados, tal y como se demostró activamente en febrero 2014."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:C/I:C/A:C","baseScore":10.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"cisaExploitAdd":"2024-09-17","cisaActionDue":"2024-10-08","cisaRequiredAction":"The impacted product is end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue utilization of the product.","cisaVulnerabilityName":"Adobe Flash Player Double Free Vulnerablity","weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-415"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-415"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*","versionEndExcluding":"11.7.700.269","matchCriteriaId":"CE22099C-BC63-499E-A515-EFFEA7F5EEFF"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*","versionStartIncluding":"11.8.800.94","versionEndExcluding":"12.0.0.70","matchCriteriaId":"5695E310-F309-4E89-B0B2-A43E922BEF26"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*","matchCriteriaId":"4781BF1E-8A4E-4AFF-9540-23D523EE30DD"},{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:adobe_air_sdk:*:*:*:*:*:*:*:*","versionEndExcluding":"4.0.0.1628","matchCriteriaId":"1CD86A5A-B01B-4624-BE59-08E41A8C40DE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*","versionEndExcluding":"11.2.202.341","matchCriteriaId":"1AF78710-B045-41A8-A080-FA287D72BB8F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*","matchCriteriaId":"703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:adobe_air:*:*:*:*:*:*:*:*","versionEndExcluding":"4.0.0.1628","matchCriteriaId":"6ED74F32-A4F4-424C-B9E7-C54F3DAFFDE6"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:google:android:-:*:*:*:*:*:*:*","matchCriteriaId":"F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*","matchCriteriaId":"DE554781-1EB9-446E-911F-6C11970C47F4"},{"vulnerable":true,"criteria":"cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*","matchCriteriaId":"DFBF430B-0832-44B0-AA0E-BA9E467F7668"},{"vulnerable":true,"criteria":"cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","matchCriteriaId":"A10BC294-9196-425F-9FB0-B1625465B47F"},{"vulnerable":true,"criteria":"cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*","matchCriteriaId":"3ED68ADD-BBDA-4485-BC76-58F011D72311"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","matchCriteriaId":"133AAFA7-AF42-4D7B-8822-AA2E85611BF5"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","matchCriteriaId":"EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_eus:6.5:*:*:*:*:*:*:*","matchCriteriaId":"569964DA-31BE-4520-A66D-C3B09D557AB8"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","matchCriteriaId":"54D669D4-6D7E-449D-80C1-28FA44F06FFE"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","matchCriteriaId":"9BBCD86A-E6C7-4444-9D74-F861084090F0"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*","matchCriteriaId":"1F3BEFDB-5156-4E1C-80BB-8BE9FEAA7623"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","matchCriteriaId":"D0AC5CD5-6E58-433C-9EB3-6DFE5656463E"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","matchCriteriaId":"E5ED5807-55B7-47C5-97A6-03233F4FBC3A"}]}]}],"references":[{"url":"http://helpx.adobe.com/security/products/flash-player/apsb14-07.html","source":"psirt@adobe.com","tags":["Broken Link","Patch","Vendor Advisory"]},{"url":"http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00014.html","source":"psirt@adobe.com","tags":["Mailing List"]},{"url":"http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00015.html","source":"psirt@adobe.com","tags":["Mailing List"]},{"url":"http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00017.html","source":"psirt@adobe.com","tags":["Mailing List"]},{"url":"http://rhn.redhat.com/errata/RHSA-2014-0196.html","source":"psirt@adobe.com","tags":["Third Party Advisory"]},{"url":"http://security.gentoo.org/glsa/glsa-201405-04.xml","source":"psirt@adobe.com","tags":["Third Party Advisory"]},{"url":"http://www.alienvault.com/open-threat-exchange/blog/analysis-of-an-attack-exploiting-the-adobe-zero-day-cve-2014-0502/","source":"psirt@adobe.com","tags":["Exploit","Third Party Advisory"]},{"url":"https://volatility-labs.blogspot.com/2014/04/building-decoder-for-cve-2014-0502.html","source":"psirt@adobe.com","tags":["Exploit","Third Party Advisory"]},{"url":"http://helpx.adobe.com/security/products/flash-player/apsb14-07.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link","Patch","Vendor Advisory"]},{"url":"http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00014.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List"]},{"url":"http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00015.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List"]},{"url":"http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00017.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List"]},{"url":"http://rhn.redhat.com/errata/RHSA-2014-0196.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"http://security.gentoo.org/glsa/glsa-201405-04.xml","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"http://www.alienvault.com/open-threat-exchange/blog/analysis-of-an-attack-exploiting-the-adobe-zero-day-cve-2014-0502/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://volatility-labs.blogspot.com/2014/04/building-decoder-for-cve-2014-0502.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2014-0502","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["US Government Resource"]}]}}]}