The remote host is missing an update to the system as announced in the referenced advisory.

Update your system with the appropriate patches or software upgrades. http://www.yuiblog.com/blog/2010/10/25/yui-2-8-2-security-update/ http://secunia.com/advisories/41955 http://www.openwall.com/lists/oss-security/2010/11/07/1 http://yuilibrary.com/support/2.8.2/ http://www.vuxml.org/freebsd/d560b346-08a2-11e0-bcca-0050568452ac.html

The following package is affected: yahoo-ui CVE-2010-4207 Cross-site scripting (XSS) vulnerability in the Flash component infrastructure in YUI 2.4.0 through 2.8.1, as used in Bugzilla, Moodle, and other products, allows remote attackers to inject arbitrary web script or HTML via vectors related to charts/assets/charts.swf. CVE-2010-4208 Cross-site scripting (XSS) vulnerability in the Flash component infrastructure in YUI 2.5.0 through 2.8.1, as used in Bugzilla, Moodle, and other products, allows remote attackers to inject arbitrary web script or HTML via vectors related to uploader/assets/uploader.swf. CVE-2010-4209 Cross-site scripting (XSS) vulnerability in the Flash component infrastructure in YUI 2.8.0 through 2.8.1, as used in Bugzilla 3.7.1 through 3.7.3 and 4.1, allows remote attackers to inject arbitrary web script or HTML via vectors related to swfstore/swfstore.swf.