Adobe Flex SDK Cross-Site Scripting Vulnerability (Win)

Summary
This host is installed with Adobe Flex SDK and is prone to Cross-Site Scripting vulnerability.
Impact
Successful exploitation could allow remote attackers to cause XSS attacks by injecting arbitrary web script or HTML via the query string on the affected application. Impact Level: Application
Solution
Upgrade to Flex SDK version 3.4 http://opensource.adobe.com/wiki/display/flexsdk/Download+Flex+3 **************************************************************** Note: This script detects Adobe Flex SDK installed as part of Adobe Flex Builder only. If SDK is installed seperately, manual verification is required. ****************************************************************
Insight
The flaw is due to error in 'index.template.html' in the express-install templates and it occurs when the installed Flash version is older than a specified 'requiredMajorVersion' value.
Affected
Adobe Flex SDK version prior to 3.4 on Windows
References