Adobe Flash Player/Air Multiple Vulnerabilities -feb10 (Linux) Network Vulnerability

Summary

This host is installed with Adobe Flash Player/Air and is prone to multiple vulnerabilities.

Impact

Successful exploitation will allow remote attackers to crash the application, denying service to legitimate users. Impact Level: Application

Solution

Update to Adobe Air 1.5.3.9130 or Adobe Flash Player 10.0.45.2 http://get.adobe.com/air http://www.adobe.com/support/flashplayer/downloads.html

Insight

Cross domain vulnerabilities present in Adobe Flash Player/Adobe Air allows remote attackers to bypass intended sandbox restrictions and make cross-domain requests via unspecified vectors.

Affected

Adobe AIR version prior to 1.5.3.9130 Adobe Flash Player 10 version prior to 10.0.45.2 on Windows

References

http://www.adobe.com/support/security/bulletins/apsb10-06.html
https://bugzilla.redhat.com/show_bug.cgi?id=563819

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-0186, CVE-2010-0187

CVSS	Base Score: 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Adobe Flash Player Multiple Security Bypass Vulnerabilities - 01 Feb14 (Linux)
Adobe Reader Old Plugin Signature Bypass Vulnerability (Windows)
Adobe Flash Player/Air Multiple Vulnerabilities -feb10 (Linux)
Apple Safari WebKit Information Disclosure Vulnerability (Mac OS X)
Adobe Reader Cross-Site Scripting & Denial of Service Vulnerabilities (Windows)

Take action and discover your vulnerabilities