This site is deprecated. Please
CLICK HERE for latest updates
Short Name |
HTTP:STC:ADOBE:SWF-UNVRSL-XSS
|
Severity |
Major
|
Recommended |
No
|
Recommended Action |
Drop
|
Category |
HTTP
|
Keywords |
Adobe Flash Player Universal Cross Site Scripting
|
Release Date |
2012/02/16
|
Update Number |
2084
|
Supported Platforms |
idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+
|
HTTP: Adobe Flash Player Universal Cross Site Scripting
This signature detects attempts to exploit a known vulnerability against Adobe Flash Player. A successful attack can lead to arbitrary Javascript execution.
Extended Description
Adobe Flash Player is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.
An attacker could exploit this vulnerability to execute arbitrary script code in the context of the affected website. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks.
Affected Products
- Adobe flash_player 10
- Adobe flash_player 10.0.0.584
- Adobe flash_player 10.0.12.10
- Adobe flash_player 10.0.12 .35
- Adobe flash_player 10.0.12 .36
- Adobe flash_player 10.0.15 .3
- Adobe flash_player 10.0.22.87
- Adobe flash_player 10.0.32 18
- Adobe flash_player 10.0.32.18
- Adobe flash_player 10.0.42.34
- Adobe flash_player 10.0.45 2
- Adobe flash_player 10.0.45 2
- Adobe flash_player 10.0.45.2
- Adobe flash_player 10.1.102.64
- Adobe flash_player 10.1.102.65
- Adobe flash_player 10.1.105.6
- Adobe flash_player 10.1.106.16
- Adobe flash_player 10.1.51.66
- Adobe flash_player 10.1.52.14.1
- Adobe flash_player 10.1.52.15
- Adobe flash_player 10.1.53.64
- Adobe flash_player 10.1.82.76
- Adobe flash_player 10.1.85.3
- Adobe flash_player 10.1.92.10
- Adobe flash_player 10.1.92.10
- Adobe flash_player 10.1.92.8
- Adobe flash_player 10.1.95.1
- Adobe flash_player 10.1.95.2
- Adobe flash_player 10.1.95.2
- Adobe flash_player 10.1 Release Candidate
- Adobe flash_player 10.2.152
- Adobe flash_player 10.2.152.21
- Adobe flash_player 10.2.152.32
- Adobe flash_player 10.2.152.33
- Adobe flash_player 10.2.153.1
- Adobe flash_player 10.2.154.13
- Adobe flash_player 10.2.154.18
- Adobe flash_player 10.2.154.24
- Adobe flash_player 10.2.154.25
- Adobe flash_player 10.2.154.27
- Adobe flash_player 10.2.154.28
- Adobe flash_player 10.2.156.12
- Adobe flash_player 10.2.157.51
- Adobe flash_player 10.2.159.1
- Adobe flash_player 10.3.181.14
- Adobe flash_player 10.3.181.16
- Adobe flash_player 10.3.181.16
- Adobe flash_player 10.3.181.22
- Adobe flash_player 10.3.181.23
- Adobe flash_player 10.3.181.26
- Adobe flash_player 10.3.181.34
- Adobe flash_player 10.3.183.10
- Adobe flash_player 10.3.183.4
- Adobe flash_player 10.3.183.5
- Adobe flash_player 10.3.183.7
- Adobe flash_player 10.3.185.21
- Adobe flash_player 10.3.185.22
- Adobe flash_player 10.3.185.22
- Adobe flash_player 10.3.185.23
- Adobe flash_player 10.3.185.25
- Adobe flash_player 10.3.186.2
- Adobe flash_player 10.3.186.3
- Adobe flash_player 10.3.186.6
- Adobe flash_player 10.3.186.7
- Adobe flash_player 11.0.1.152
- Adobe flash_player 11.1.102.55
- Adobe flash_player 11.1.111.5
- Adobe flash_player 11.1.112.61
- Gentoo linux
- Red_hat enterprise_linux_desktop_supplementary 5 Client
- Red_hat enterprise_linux_desktop_supplementary 6
- Red_hat enterprise_linux_server_supplementary 6
- Red_hat enterprise_linux_supplementary 5 Server
- Red_hat enterprise_linux_workstation_supplementary 6
- Research_in_motion blackberry_playbook_tablet_software 2.0.1.358
- Suse opensuse 11.4
- Suse suse_linux_enterprise_desktop 10 SP4
- Suse suse_linux_enterprise_desktop 11 SP1
- Suse suse_linux_enterprise_desktop 11 SP1 for SP2
References