CVE-2014-0502

HIGH Year: 2014
CVSS v3 Score
8.8
High
CVSS v2 Score
10.0
Critical
Weakness Type
CWE-415
View all →

Vulnerability Description

Double free vulnerability in Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x before 12.0.0.70 on Windows and Mac OS X and before 11.2.202.341 on Linux, Adobe AIR before 4.0.0.1628 on Android, Adobe AIR SDK before 4.0.0.1628, and Adobe AIR SDK & Compiler before 4.0.0.1628 allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in February 2014.

Related Vulnerabilities

CVE-2016-1516

HIGH
CVSS:8.8(High)

OpenCV 3.0.0 has a double free issue that allows attackers to execute arbitrary code.

CWE-4152016

CVE-2017-14449

HIGH
CVSS:8.8(High)

A double-Free vulnerability exists in the XCF image rendering functionality of SDL2_image-2.0.2. A specially crafted XCF image can cause a Double-Free situation to occur. An attacker can display a spe...

CWE-4152017

CVE-2017-7393

HIGH
CVSS:8.8(High)

In TigerVNC 1.7.1 (VNCSConnectionST.cxx VNCSConnectionST::fence), an authenticated client can cause a double free, leading to denial of service or potentially code execution.

CWE-4152017

CVE-2017-9078

HIGH
CVSS:8.8(High)

The server in Dropbear before 2017.75 might allow post-authentication root remote code execution because of a double free in cleanup of TCP listeners when the -a option is enabled.

CWE-4152017

CVE-2018-1000216

HIGH
CVSS:8.8(High)

Dave Gamble cJSON version 1.7.2 and earlier contains a CWE-415: Double Free vulnerability in cJSON library that can result in Possible crash or RCE. This attack appear to be exploitable via Attacker m...

CWE-4152018

CVE-2018-1000222

HIGH
CVSS:8.8(High)

Libgd version 2.2.5 contains a Double Free Vulnerability vulnerability in gdImageBmpPtr Function that can result in Remote Code Execution . This attack appear to be exploitable via Specially Crafted J...

CWE-4152018