CVE-2014-0497 - Vulnerability Details

Integer underflow in Adobe Flash Player before 11.7.700.261 and 11.8.x through 12.0.x before 12.0.0.44 on Windows and Mac OS X, and before 11.2.202.336 on Linux, allows remote attackers to execute arbitrary code via unspecified vectors.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

This CVE is in the KEV database since Sept. 17, 2024.

Exploitation active

Automatable no

Technical Impact total

Vendors	Products
Adobe	Flash Player
Apple	Mac Os X Macos
Google	Chrome Chrome Os
Linux	Linux Kernel
Microsoft	Windows
Opensuse	Opensuse
Redhat	Enterprise Linux Desktop Enterprise Linux Eus Enterprise Linux Server Enterprise Linux Server Aus Enterprise Linux Workstation Rhel Extras
Suse	Linux Enterprise Desktop

Configuration 1 [-]

AND

cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Configuration 2 [-]

AND

OR	cpe:2.3:a:adobe:flash_player::::::::
	cpe:2.3:a:adobe:flash_player::::::::

OR	cpe:2.3:o:apple:mac_os_x::::::::
	cpe:2.3:o:microsoft:windows:-:::::::*

Configuration 3 [-]

AND

cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*

OR	cpe:2.3:o:apple:macos:-:::::::*
	cpe:2.3:o:google:chrome_os:-:::::::*
	cpe:2.3:o:linux:linux_kernel:-:::::::*
	cpe:2.3:o:microsoft:windows:-:::::::*

Configuration 4 [-]

OR	cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_eus:6.5:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server:5.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:::::::*
	cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

Configuration 5 [-]

OR	cpe:2.3:o:opensuse:opensuse:11.4:::::::*
	cpe:2.3:o:opensuse:opensuse:12.3:::::::*
	cpe:2.3:o:opensuse:opensuse:13.1:::::::*
	cpe:2.3:o:suse:linux_enterprise_desktop:11:sp2::::::
	cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3::::::

Package	CPE	Advisory	Released Date
Supplementary for Red Hat Enterprise Linux 5
flash-plugin-0:11.2.202.336-1.el5	cpe:/a:redhat:rhel_extras:5	RHSA-2014:0137	2014-02-05T00:00:00Z
Supplementary for Red Hat Enterprise Linux 6
flash-plugin-0:11.2.202.336-1.el6	cpe:/a:redhat:rhel_extras:6	RHSA-2014:0137	2014-02-05T00:00:00Z

References

Link	Providers
http://googlechromereleases.blogspot.com/2014/02/stable-channel-update.html
http://helpx.adobe.com/security/products/flash-player/apsb14-04.html
http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00000.html
http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00001.html
http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00006.html
http://rhn.redhat.com/errata/RHSA-2014-0137.html
http://secunia.com/advisories/56437
http://secunia.com/advisories/56737
http://secunia.com/advisories/56780
http://secunia.com/advisories/56799
http://secunia.com/advisories/56839
http://www.exploit-db.com/exploits/33212
http://www.osvdb.org/102849
http://www.securityfocus.com/bid/65327
http://www.securitytracker.com/id/1029715
https://exchange.xforce.ibmcloud.com/vulnerabilities/90884
https://nvd.nist.gov/vuln/detail/CVE-2014-0497
https://www.cisa.gov/known-exploited-vulnerabilities-catalog
https://www.cve.org/CVERecord?id=CVE-2014-0497

History

Thu, 19 Sep 2024 20:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Apple macos Google Google chrome Google chrome Os Opensuse Opensuse opensuse Redhat enterprise Linux Desktop Redhat enterprise Linux Eus Redhat enterprise Linux Server Redhat enterprise Linux Server Aus Redhat enterprise Linux Workstation Suse Suse linux Enterprise Desktop
Weaknesses	CWE-189
CPEs		cpe:2.3:a:google:chrome:::::::: cpe:2.3:o:apple:macos:-:::::::* cpe:2.3:o:google:chrome_os:-:::::::* cpe:2.3:o:linux:linux_kernel:-:::::::* cpe:2.3:o:opensuse:opensuse:11.4:::::::* cpe:2.3:o:opensuse:opensuse:12.3:::::::* cpe:2.3:o:opensuse:opensuse:13.1:::::::* cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:::::::* cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::* cpe:2.3:o:redhat:enterprise_linux_eus:6.5:::::::* cpe:2.3:o:redhat:enterprise_linux_server:5.0:::::::* cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::* cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:::::::* cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:::::::* cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::* cpe:2.3:o:suse:linux_enterprise_desktop:11:sp2:::::: cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3::::::
Vendors & Products		Apple macos Google Google chrome Google chrome Os Opensuse Opensuse opensuse Redhat enterprise Linux Desktop Redhat enterprise Linux Eus Redhat enterprise Linux Server Redhat enterprise Linux Server Aus Redhat enterprise Linux Workstation Suse Suse linux Enterprise Desktop

Wed, 18 Sep 2024 19:30:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-191
Metrics		cvssV3_1 `{'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H'}` kev `{'dateAdded': '2024-09-17'}` ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'active', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Wed, 18 Sep 2024 05:00:00 +0000

Type	Values Removed	Values Added
References		https://www.cisa.gov/known-exploited-vulnerabilities-catalog

MITRE

Status: PUBLISHED

Assigner: adobe

Published: 2014-02-05T02:00:00

Updated: 2024-09-18T18:44:05.382Z

Reserved: 2013-12-20T00:00:00

Link: CVE-2014-0497

Vulnrichment

Updated: 2024-08-06T09:20:18.507Z

NVD

Status : Deferred

Published: 2014-02-05T05:15:29.897

Modified: 2025-04-11T00:51:21.963

Link: CVE-2014-0497

Redhat

Severity : Critical

Publid Date: 2014-02-04T00:00:00Z

Links: CVE-2014-0497 - Bugzilla

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2014-02-04T00:00:00", "descriptions": [{"lang": "en", "value": "Integer underflow in Adobe Flash Player before 11.7.700.261 and 11.8.x through 12.0.x before 12.0.0.44 on Windows and Mac OS X, and before 11.2.202.336 on Linux, allows remote attackers to execute arbitrary code via unspecified vectors."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-01-02T19:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe"}, "references": [{"name": "33212", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "http://www.exploit-db.com/exploits/33212"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://helpx.adobe.com/security/products/flash-player/apsb14-04.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://googlechromereleases.blogspot.com/2014/02/stable-channel-update.html"}, {"name": "SUSE-SU-2014:0221", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00006.html"}, {"name": "RHSA-2014:0137", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2014-0137.html"}, {"name": "102849", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/102849"}, {"name": "65327", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/65327"}, {"name": "56799", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/56799"}, {"name": "1029715", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1029715"}, {"name": "56737", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/56737"}, {"name": "56437", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/56437"}, {"name": "openSUSE-SU-2014:0203", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00001.html"}, {"name": "56780", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/56780"}, {"name": "openSUSE-SU-2014:0197", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00000.html"}, {"name": "56839", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/56839"}, {"name": "adobe-flash-cve20140497-code-exec(90884)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90884"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@adobe.com", "ID": "CVE-2014-0497", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Integer underflow in Adobe Flash Player before 11.7.700.261 and 11.8.x through 12.0.x before 12.0.0.44 on Windows and Mac OS X, and before 11.2.202.336 on Linux, allows remote attackers to execute arbitrary code via unspecified vectors."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "33212", "refsource": "EXPLOIT-DB", "url": "http://www.exploit-db.com/exploits/33212"}, {"name": "http://helpx.adobe.com/security/products/flash-player/apsb14-04.html", "refsource": "CONFIRM", "url": "http://helpx.adobe.com/security/products/flash-player/apsb14-04.html"}, {"name": "http://googlechromereleases.blogspot.com/2014/02/stable-channel-update.html", "refsource": "CONFIRM", "url": "http://googlechromereleases.blogspot.com/2014/02/stable-channel-update.html"}, {"name": "SUSE-SU-2014:0221", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00006.html"}, {"name": "RHSA-2014:0137", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2014-0137.html"}, {"name": "102849", "refsource": "OSVDB", "url": "http://www.osvdb.org/102849"}, {"name": "65327", "refsource": "BID", "url": "http://www.securityfocus.com/bid/65327"}, {"name": "56799", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/56799"}, {"name": "1029715", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1029715"}, {"name": "56737", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/56737"}, {"name": "56437", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/56437"}, {"name": "openSUSE-SU-2014:0203", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00001.html"}, {"name": "56780", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/56780"}, {"name": "openSUSE-SU-2014:0197", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00000.html"}, {"name": "56839", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/56839"}, {"name": "adobe-flash-cve20140497-code-exec(90884)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90884"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T09:20:18.507Z"}, "title": "CVE Program Container", "references": [{"name": "33212", "tags": ["exploit", "x_refsource_EXPLOIT-DB", "x_transferred"], "url": "http://www.exploit-db.com/exploits/33212"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://helpx.adobe.com/security/products/flash-player/apsb14-04.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://googlechromereleases.blogspot.com/2014/02/stable-channel-update.html"}, {"name": "SUSE-SU-2014:0221", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00006.html"}, {"name": "RHSA-2014:0137", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2014-0137.html"}, {"name": "102849", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/102849"}, {"name": "65327", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/65327"}, {"name": "56799", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/56799"}, {"name": "1029715", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1029715"}, {"name": "56737", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/56737"}, {"name": "56437", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/56437"}, {"name": "openSUSE-SU-2014:0203", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00001.html"}, {"name": "56780", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/56780"}, {"name": "openSUSE-SU-2014:0197", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00000.html"}, {"name": "56839", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/56839"}, {"name": "adobe-flash-cve20140497-code-exec(90884)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90884"}]}, {"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-191", "lang": "en", "description": "CWE-191 Integer Underflow (Wrap or Wraparound)"}]}], "affected": [{"vendor": "adobe", "product": "flash_player", "cpes": ["cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "11.7.700.261", "versionType": "custom"}, {"version": "12.0.0", "status": "affected", "lessThanOrEqual": "12.0.0.44", "versionType": "custom"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "kev", "content": {"dateAdded": "2024-09-17", "reference": "https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json"}}}, {"other": {"type": "ssvc", "content": {"timestamp": "2024-09-18T18:34:13.496174Z", "id": "CVE-2014-0497", "options": [{"Exploitation": "active"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-18T18:44:05.382Z"}}]}, "cveMetadata": {"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2014-0497", "datePublished": "2014-02-05T02:00:00", "dateReserved": "2013-12-20T00:00:00", "dateUpdated": "2024-09-18T18:44:05.382Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "http://www.exploit-db.com/exploits/33212", "name": "33212", "tags": ["exploit", "x_refsource_EXPLOIT-DB", "x_transferred"]}, {"url": "http://helpx.adobe.com/security/products/flash-player/apsb14-04.html", "tags": ["x_refsource_CONFIRM", "x_transferred"]}, {"url": "http://googlechromereleases.blogspot.com/2014/02/stable-channel-update.html", "tags": ["x_refsource_CONFIRM", "x_transferred"]}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00006.html", "name": "SUSE-SU-2014:0221", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"]}, {"url": "http://rhn.redhat.com/errata/RHSA-2014-0137.html", "name": "RHSA-2014:0137", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"]}, {"url": "http://www.osvdb.org/102849", "name": "102849", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"]}, {"url": "http://www.securityfocus.com/bid/65327", "name": "65327", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"]}, {"url": "http://secunia.com/advisories/56799", "name": "56799", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"]}, {"url": "http://www.securitytracker.com/id/1029715", "name": "1029715", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"]}, {"url": "http://secunia.com/advisories/56737", "name": "56737", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"]}, {"url": "http://secunia.com/advisories/56437", "name": "56437", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"]}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00001.html", "name": "openSUSE-SU-2014:0203", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"]}, {"url": "http://secunia.com/advisories/56780", "name": "56780", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"]}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00000.html", "name": "openSUSE-SU-2014:0197", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"]}, {"url": "http://secunia.com/advisories/56839", "name": "56839", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"]}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90884", "name": "adobe-flash-cve20140497-code-exec(90884)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T09:20:18.507Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "kev", "content": {"dateAdded": "2024-09-17", "reference": "https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json"}}}, {"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2014-0497", "role": "CISA Coordinator", "options": [{"Exploitation": "active"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-09-18T18:34:13.496174Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*"], "vendor": "adobe", "product": "flash_player", "versions": [{"status": "affected", "version": "0", "lessThan": "11.7.700.261", "versionType": "custom"}, {"status": "affected", "version": "12.0.0", "versionType": "custom", "lessThanOrEqual": "12.0.0.44"}], "defaultStatus": "unknown"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-191", "description": "CWE-191 Integer Underflow (Wrap or Wraparound)"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-18T18:34:48.573Z"}, "timeline": [{"lang": "en", "time": "2024-09-17T00:00:00+00:00", "value": "CVE-2014-0497 added to CISA KEV"}]}], "cna": {"affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2014-02-04T00:00:00", "references": [{"url": "http://www.exploit-db.com/exploits/33212", "name": "33212", "tags": ["exploit", "x_refsource_EXPLOIT-DB"]}, {"url": "http://helpx.adobe.com/security/products/flash-player/apsb14-04.html", "tags": ["x_refsource_CONFIRM"]}, {"url": "http://googlechromereleases.blogspot.com/2014/02/stable-channel-update.html", "tags": ["x_refsource_CONFIRM"]}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00006.html", "name": "SUSE-SU-2014:0221", "tags": ["vendor-advisory", "x_refsource_SUSE"]}, {"url": "http://rhn.redhat.com/errata/RHSA-2014-0137.html", "name": "RHSA-2014:0137", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "http://www.osvdb.org/102849", "name": "102849", "tags": ["vdb-entry", "x_refsource_OSVDB"]}, {"url": "http://www.securityfocus.com/bid/65327", "name": "65327", "tags": ["vdb-entry", "x_refsource_BID"]}, {"url": "http://secunia.com/advisories/56799", "name": "56799", "tags": ["third-party-advisory", "x_refsource_SECUNIA"]}, {"url": "http://www.securitytracker.com/id/1029715", "name": "1029715", "tags": ["vdb-entry", "x_refsource_SECTRACK"]}, {"url": "http://secunia.com/advisories/56737", "name": "56737", "tags": ["third-party-advisory", "x_refsource_SECUNIA"]}, {"url": "http://secunia.com/advisories/56437", "name": "56437", "tags": ["third-party-advisory", "x_refsource_SECUNIA"]}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00001.html", "name": "openSUSE-SU-2014:0203", "tags": ["vendor-advisory", "x_refsource_SUSE"]}, {"url": "http://secunia.com/advisories/56780", "name": "56780", "tags": ["third-party-advisory", "x_refsource_SECUNIA"]}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00000.html", "name": "openSUSE-SU-2014:0197", "tags": ["vendor-advisory", "x_refsource_SUSE"]}, {"url": "http://secunia.com/advisories/56839", "name": "56839", "tags": ["third-party-advisory", "x_refsource_SECUNIA"]}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90884", "name": "adobe-flash-cve20140497-code-exec(90884)", "tags": ["vdb-entry", "x_refsource_XF"]}], "descriptions": [{"lang": "en", "value": "Integer underflow in Adobe Flash Player before 11.7.700.261 and 11.8.x through 12.0.x before 12.0.0.44 on Windows and Mac OS X, and before 11.2.202.336 on Linux, allows remote attackers to execute arbitrary code via unspecified vectors."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "n/a"}]}], "providerMetadata": {"orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe", "dateUpdated": "2018-01-02T19:57:01"}, "x_legacyV4Record": {"affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "n/a"}]}, "product_name": "n/a"}]}, "vendor_name": "n/a"}]}}, "data_type": "CVE", "references": {"reference_data": [{"url": "http://www.exploit-db.com/exploits/33212", "name": "33212", "refsource": "EXPLOIT-DB"}, {"url": "http://helpx.adobe.com/security/products/flash-player/apsb14-04.html", "name": "http://helpx.adobe.com/security/products/flash-player/apsb14-04.html", "refsource": "CONFIRM"}, {"url": "http://googlechromereleases.blogspot.com/2014/02/stable-channel-update.html", "name": "http://googlechromereleases.blogspot.com/2014/02/stable-channel-update.html", "refsource": "CONFIRM"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00006.html", "name": "SUSE-SU-2014:0221", "refsource": "SUSE"}, {"url": "http://rhn.redhat.com/errata/RHSA-2014-0137.html", "name": "RHSA-2014:0137", "refsource": "REDHAT"}, {"url": "http://www.osvdb.org/102849", "name": "102849", "refsource": "OSVDB"}, {"url": "http://www.securityfocus.com/bid/65327", "name": "65327", "refsource": "BID"}, {"url": "http://secunia.com/advisories/56799", "name": "56799", "refsource": "SECUNIA"}, {"url": "http://www.securitytracker.com/id/1029715", "name": "1029715", "refsource": "SECTRACK"}, {"url": "http://secunia.com/advisories/56737", "name": "56737", "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/56437", "name": "56437", "refsource": "SECUNIA"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00001.html", "name": "openSUSE-SU-2014:0203", "refsource": "SUSE"}, {"url": "http://secunia.com/advisories/56780", "name": "56780", "refsource": "SECUNIA"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00000.html", "name": "openSUSE-SU-2014:0197", "refsource": "SUSE"}, {"url": "http://secunia.com/advisories/56839", "name": "56839", "refsource": "SECUNIA"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90884", "name": "adobe-flash-cve20140497-code-exec(90884)", "refsource": "XF"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "eng", "value": "Integer underflow in Adobe Flash Player before 11.7.700.261 and 11.8.x through 12.0.x before 12.0.0.44 on Windows and Mac OS X, and before 11.2.202.336 on Linux, allows remote attackers to execute arbitrary code via unspecified vectors."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2014-0497", "STATE": "PUBLIC", "ASSIGNER": "psirt@adobe.com"}}}}, "cveMetadata": {"cveId": "CVE-2014-0497", "state": "PUBLISHED", "dateUpdated": "2024-09-17T16:20:23.448Z", "dateReserved": "2013-12-20T00:00:00", "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "datePublished": "2014-02-05T02:00:00", "assignerShortName": "adobe"}, "dataVersion": "5.1"}

{"cisaActionDue": "2024-10-08", "cisaExploitAdd": "2024-09-17", "cisaRequiredAction": "The impacted product is end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue utilization of the product.", "cisaVulnerabilityName": "Adobe Flash Player Integer Underflow Vulnerablity", "configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "0FFB96CE-2C20-471A-BA61-36909F36400F", "versionEndExcluding": "11.2.202.336", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "155AD4FB-E527-4103-BCEF-801B653DEA37", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "D00F33E5-B1D9-4D70-9BA7-994BB84A423D", "versionEndExcluding": "11.7.700.261", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "53CBCC27-0B1B-4DAA-990E-A724720C3C58", "versionEndExcluding": "12.0.0.44", "versionStartIncluding": "11.8.800.94", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", "matchCriteriaId": "D956DCBD-B205-4A80-A8C5-82C186F50DEF", "versionEndExcluding": "32.0.1700.107", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", "vulnerable": false}, {"criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false}, {"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "133AAFA7-AF42-4D7B-8822-AA2E85611BF5", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:6.5:*:*:*:*:*:*:*", "matchCriteriaId": "569964DA-31BE-4520-A66D-C3B09D557AB8", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "54D669D4-6D7E-449D-80C1-28FA44F06FFE", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*", "matchCriteriaId": "1F3BEFDB-5156-4E1C-80BB-8BE9FEAA7623", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*", "matchCriteriaId": "DE554781-1EB9-446E-911F-6C11970C47F4", "vulnerable": true}, {"criteria": "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*", "matchCriteriaId": "DFBF430B-0832-44B0-AA0E-BA9E467F7668", "vulnerable": true}, {"criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp2:*:*:*:*:*:*", "matchCriteriaId": "00720D8C-3FF3-4B1C-B74B-91F01A544399", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*", "matchCriteriaId": "3ED68ADD-BBDA-4485-BC76-58F011D72311", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Integer underflow in Adobe Flash Player before 11.7.700.261 and 11.8.x through 12.0.x before 12.0.0.44 on Windows and Mac OS X, and before 11.2.202.336 on Linux, allows remote attackers to execute arbitrary code via unspecified vectors."}, {"lang": "es", "value": "Desbordamiento inferior de enteros en Adobe Flash Player anterior a 11.7.700.261 y 11.8.x hasta 12.0.x anterior a 12.0.0.44 en Windows y Mac OS X, y anterior a 11.2.202.336 en Linux, permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados."}], "id": "CVE-2014-0497", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2014-02-05T05:15:29.897", "references": [{"source": "psirt@adobe.com", "tags": ["Release Notes"], "url": "http://googlechromereleases.blogspot.com/2014/02/stable-channel-update.html"}, {"source": "psirt@adobe.com", "tags": ["Broken Link", "Patch", "Vendor Advisory"], "url": "http://helpx.adobe.com/security/products/flash-player/apsb14-04.html"}, {"source": "psirt@adobe.com", "tags": ["Mailing List"], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00000.html"}, {"source": "psirt@adobe.com", "tags": ["Mailing List"], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00001.html"}, {"source": "psirt@adobe.com", "tags": ["Mailing List"], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00006.html"}, {"source": "psirt@adobe.com", "tags": ["Third Party Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2014-0137.html"}, {"source": "psirt@adobe.com", "tags": ["Broken Link", "Third Party Advisory"], "url": "http://secunia.com/advisories/56437"}, {"source": "psirt@adobe.com", "tags": ["Broken Link", "Third Party Advisory"], "url": "http://secunia.com/advisories/56737"}, {"source": "psirt@adobe.com", "tags": ["Broken Link", "Third Party Advisory"], "url": "http://secunia.com/advisories/56780"}, {"source": "psirt@adobe.com", "tags": ["Broken Link", "Third Party Advisory"], "url": "http://secunia.com/advisories/56799"}, {"source": "psirt@adobe.com", "tags": ["Broken Link", "Third Party Advisory"], "url": "http://secunia.com/advisories/56839"}, {"source": "psirt@adobe.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.exploit-db.com/exploits/33212"}, {"source": "psirt@adobe.com", "tags": ["Broken Link"], "url": "http://www.osvdb.org/102849"}, {"source": "psirt@adobe.com", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/65327"}, {"source": "psirt@adobe.com", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1029715"}, {"source": "psirt@adobe.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90884"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Release Notes"], "url": "http://googlechromereleases.blogspot.com/2014/02/stable-channel-update.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Patch", "Vendor Advisory"], "url": "http://helpx.adobe.com/security/products/flash-player/apsb14-04.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List"], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00000.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List"], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00001.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List"], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00006.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2014-0137.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Third Party Advisory"], "url": "http://secunia.com/advisories/56437"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Third Party Advisory"], "url": "http://secunia.com/advisories/56737"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Third Party Advisory"], "url": "http://secunia.com/advisories/56780"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Third Party Advisory"], "url": "http://secunia.com/advisories/56799"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Third Party Advisory"], "url": "http://secunia.com/advisories/56839"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.exploit-db.com/exploits/33212"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://www.osvdb.org/102849"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/65327"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1029715"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90884"}], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-191"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-191"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{"affected_release": [{"advisory": "RHSA-2014:0137", "cpe": "cpe:/a:redhat:rhel_extras:5", "package": "flash-plugin-0:11.2.202.336-1.el5", "product_name": "Supplementary for Red Hat Enterprise Linux 5", "release_date": "2014-02-05T00:00:00Z"}, {"advisory": "RHSA-2014:0137", "cpe": "cpe:/a:redhat:rhel_extras:6", "package": "flash-plugin-0:11.2.202.336-1.el6", "product_name": "Supplementary for Red Hat Enterprise Linux 6", "release_date": "2014-02-05T00:00:00Z"}], "bugzilla": {"description": "flash-plugin: integer underflow flaw leads to arbitrary code execution (APSB14-04)", "id": "1061469", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1061469"}, "csaw": false, "cvss": {"cvss_base_score": "6.8", "cvss_scoring_vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "status": "verified"}, "cwe": "CWE-190", "details": ["Integer underflow in Adobe Flash Player before 11.7.700.261 and 11.8.x through 12.0.x before 12.0.0.44 on Windows and Mac OS X, and before 11.2.202.336 on Linux, allows remote attackers to execute arbitrary code via unspecified vectors."], "name": "CVE-2014-0497", "public_date": "2014-02-04T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2014-0497\nhttps://nvd.nist.gov/vuln/detail/CVE-2014-0497\nhttp://helpx.adobe.com/security/products/flash-player/apsb14-04.html\nhttps://www.cisa.gov/known-exploited-vulnerabilities-catalog"], "threat_severity": "Critical"}

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Exploitation active

Automatable no

Technical Impact total

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object