Adobe Flash Player/Air Multiple Vulnerabilities -feb10 (Win) Network Vulnerability

Summary

This host is installed with Adobe Flash Player/Air and is prone to multiple vulnerabilities.

Impact

Successful exploitation will allow remote attackers to bypass security restrictions. Impact Level: Application

Solution

Update to Adobe Air 1.5.3.9130 or Adobe Flash Player 10.0.45.2, http://get.adobe.com/air http://www.adobe.com/support/flashplayer/downloads.html

Insight

Cross domain vulnerabilities present in Adobe Flash Player/Adobe Air allows remote attackers to bypass intended sandbox restrictions and make cross-domain requests via unspecified vectors.

Affected

Adobe AIR version prior to 1.5.3.9130 Adobe Flash Player 10 version prior to 10.0.45.2 on Windows

References

http://www.adobe.com/support/security/bulletins/apsb10-06.html
https://bugzilla.redhat.com/show_bug.cgi?id=563819

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-0186, CVE-2010-0187
CVSS Base Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Apple Safari Webkit Multiple Vulnerabilities - March 2011
Apple Remote Desktop Information Disclosure Vulnerability
Apache Traffic Server Remote DNS Cache Poisoning Vulnerability
Asterisk RTP Comfort Noise Processing Remote Denial of Service Vulnerability
Apple QuickTime Multiple Arbitrary Code Execution Vulnerabilities (Win)

Take action and discover your vulnerabilities