Description

The default Flash cross-domain policy (crossdomain.xml) in Revive Adserver before 3.2.2 does not restrict access cross domain access, which allows remote attackers to conduct cross domain attacks via unspecified vectors.

Remediation

References

CVE-2015-7369

Related Vulnerabilities

WordPress Plugin YOP Poll Unspecified Vulnerability (5.7.7)

WordPress Plugin Header Footer Code Manager SQL Injection (1.1.13)

WordPress Plugin Custom Permalinks Unspecified Vulnerability (0.7.15)

Oracle Application Server CVE-2006-3707 Vulnerability (CVE-2006-3707)

WordPress Plugin UpdraftPlus WordPress Backup Cross-Site Scripting (1.16.65)

Severity

High

Classification

CVE-2015-7369 CWE-284

Tags

Missing Update Known Vulnerabilities