QwikSec

Security Database

CVE

CWE

Training

CVE-2014-0502

Published: Feb 21, 2014

Modified: Oct 22, 2025

PUBLISHED

Description

Double free vulnerability in Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x before 12.0.0.70 on Windows and Mac OS X and before 11.2.202.341 on Linux, Adobe AIR before 4.0.0.1628 on Android, Adobe AIR SDK before 4.0.0.1628, and Adobe AIR SDK & Compiler before 4.0.0.1628 allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in February 2014.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

openSUSE-SU-2014:0278

vendor-advisory

x_refsource_SUSE

https://volatility-labs.blogspot.com/2014/04/building-decoder-for-cve-2014-0502.html

x_refsource_MISC

vendor-advisory

x_refsource_GENTOO

http://helpx.adobe.com/security/products/flash-player/apsb14-07.html

x_refsource_CONFIRM

vendor-advisory

x_refsource_REDHAT

SUSE-SU-2014:0290

vendor-advisory

x_refsource_SUSE

openSUSE-SU-2014:0277

vendor-advisory

x_refsource_SUSE

http://www.alienvault.com/open-threat-exchange/blog/analysis-of-an-attack-exploiting-the-adobe-zero-day-cve-2014-0502/

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.