Think you have a false positive on this rule?

Sid 1-49586

Message

FILE-FLASH Adobe Flash Player byteArray uncompress information disclosure attempt

Summary

This event is generated when an attacker attempts to exploit an information disclosure vulnerability in Adobe Flash Player related to the byteArray.uncompress function.

Impact

Attempted User Privilege Gain

CVE-2014-8440:

CVSS base score 10.0

CVSS impact score 10.0

CVSS exploitability score 10.0

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

Detailed information

CVE-2014-8440: Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0576, CVE-2014-0581, and CVE-2014-8441.

Affected systems

  • adobe air 15.0.0.293
  • adobe air_sdk 15.0.0.302
  • adobe airsdk&_compiler 15.0.0.302
  • adobe flash_player 11.2.202.411
  • adobe flash_player 13.0.0.250
  • adobe flash_player 14.0.0.176
  • adobe flash_player 15.0.0.189

Ease of attack

CVE-2014-8440:

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

False positives

False negatives

Corrective action

Contributors

  • Cisco Talos Intelligence Group

Additional References

  • helpx.adobe.com/security/products/flash-player/apsb14-24.html