Summary
This host is installed with Adobe Flash Player/Air and is prone to multiple vulnerabilities.
Impact
Successful exploitation will allow remote attackers to bypass security restrictions.
Impact Level: Application
Solution
Update to Adobe Air 1.5.3.9130 or Adobe Flash Player 10.0.45.2, http://get.adobe.com/air
http://www.adobe.com/support/flashplayer/downloads.html
Insight
Cross domain vulnerabilities present in Adobe Flash Player/Adobe Air allows remote attackers to bypass intended sandbox restrictions and make cross-domain requests via unspecified vectors.
Affected
Adobe AIR version prior to 1.5.3.9130
Adobe Flash Player 10 version prior to 10.0.45.2 on Windows
References
Severity
Classification
-
CVE CVE-2010-0186, CVE-2010-0187 -
CVSS Base Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Apple Safari Webcore Webkit 'XSSAuditor.cpp' XSS Vulnerability (Mac OS X)
- Apache /server-info accessible
- Asterisk Missing ACL Check Remote Security Bypass Vulnerability
- Apache Tomcat XML External Entity Information Disclosure Vulnerability
- Adobe Flash Player Multiple Security Bypass Vulnerabilities - 01 Feb14 (Mac OS X)