Adobe Flash Player/Air Multiple Vulnerabilities -feb10 (Win) Network Vulnerability

Summary

This host is installed with Adobe Flash Player/Air and is prone to multiple vulnerabilities.

Impact

Successful exploitation will allow remote attackers to bypass security restrictions. Impact Level: Application

Solution

Update to Adobe Air 1.5.3.9130 or Adobe Flash Player 10.0.45.2, http://get.adobe.com/air http://www.adobe.com/support/flashplayer/downloads.html

Insight

Cross domain vulnerabilities present in Adobe Flash Player/Adobe Air allows remote attackers to bypass intended sandbox restrictions and make cross-domain requests via unspecified vectors.

Affected

Adobe AIR version prior to 1.5.3.9130 Adobe Flash Player 10 version prior to 10.0.45.2 on Windows

References

http://www.adobe.com/support/security/bulletins/apsb10-06.html
https://bugzilla.redhat.com/show_bug.cgi?id=563819

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-0186, CVE-2010-0187

CVSS	Base Score: 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Apple Mac OS X Denial of Service Vulnerability
Apple Safari Address Bar Spoofing Vulnerability june-10 (Win)
Adobe Reader Plugin Signature Bypass Vulnerability (Windows)
Adobe Digital Edition Information Disclosure Vulnerability (Mac OS X)
Asterisk SIP REGISTER Response Username Enumeration Vulnerability

Take action and discover your vulnerabilities