Summary
This host is installed with Adobe Flash Player/Air and is prone to multiple vulnerabilities.
Impact
Successful exploitation will allow remote attackers to crash the application, denying service to legitimate users.
Impact Level: Application
Solution
Update to Adobe Air 1.5.3.9130 or Adobe Flash Player 10.0.45.2 http://get.adobe.com/air
http://www.adobe.com/support/flashplayer/downloads.html
Insight
Cross domain vulnerabilities present in Adobe Flash Player/Adobe Air allows remote attackers to bypass intended sandbox restrictions and make cross-domain requests via unspecified vectors.
Affected
Adobe AIR version prior to 1.5.3.9130
Adobe Flash Player 10 version prior to 10.0.45.2 on Windows
References
Severity
Classification
-
CVE CVE-2010-0186, CVE-2010-0187 -
CVSS Base Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Apache Traffic Server Remote DNS Cache Poisoning Vulnerability
- Brother HL-5370DW Printer 'post/panel.html' Security Bypass Vulnerability
- Apache CouchDB Web Administration Interface Cross Site Scripting Vulnerability
- Adobe Reader 'file://' URL Information Disclosure Vulnerability Feb07 (Windows)
- Arora Common Name SSL Certificate Spoofing Vulnerability (Linux)