Adobe Presenter Viewer.swf And Loadflash.js XSS Vulnerability Network Vulnerability

Summary

The host is running Adobe Presenter, which prone to to input validation errors which can be exploited by malicious people to conduct cross-site scripting vulnerability.

Impact

Execution of arbitrary HTML or Scripting code in the security context of the affected web site. Impact Level : Application

Solution

Upgrade to Adobe Presenter 7.0.1, http://www.adobe.com/downloads/

Insight

Input validation errors in the 'viewer.swf' and 'loadflash.js' files, which could be exploited by attackers to execute arbitrary scripting code in the user's browser session.

Affected

Adobe Presenter 6.x and 7.x

References

http://secunia.com/advisories/31432/
http://www.adobe.com/support/security/bulletins/apsb08-17.html
http://www.frsirt.com/english/advisories/2008/2322

Updated on 2015-03-25

Severity

Classification

CVE CVE-2008-3515, CVE-2008-3516

CVSS	Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N

Related Vulnerabilities

An Image Gallery Directory Traversal Vulnerability
Adobe ColdFusion Multiple Vulnerabilities-03 May-2014
Apache ActiveMQ Multiple Vulnerabilities
1024 CMS 1.1.0 Beta 'force_download.php' Local File Include Vulnerability
AjaXplorer Remote Command Injection and Local File Disclosure Vulnerabilities

Adobe Presenter viewer.swf and loadflash.js XSS Vulnerability

Take action and discover your vulnerabilities