Signature Detail

HTTP: Adobe Flash Player resourceModuleURLs Usage

This signature detects usage of the resourceModuleURLs variable in Adobe Flash Player which could indicate an attack. The resourceModuleURLs variable is a legitimate variable which is prone to abuse, which makes it difficult to determine if its use is intended for malicious purposes.

Extended Description

Adobe Flex SDK is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input to express-install template files. An attacker could exploit this vulnerability to execute arbitrary script code in the context of a web application built using the SDK. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. Adobe Flex SDK 4.5.1 and prior versions are affected.

Affected Products

• Adobe Flash Builder 4.5
• Adobe Flex SDK 3.0.1
• Adobe Flex SDK 3.0.2
• Adobe Flex SDK 3.3
• Adobe Flex SDK 3.4
• Adobe Flex SDK 3.5
• Adobe Flex SDK 3.6
• Adobe Flex SDK 4.0
• Adobe Flex SDK 4.1
• Adobe Flex SDK 4.5
• Adobe Flex SDK 4.5.1
• HP Systems Insight Manager 4.0
• HP Systems Insight Manager 4.1
• HP Systems Insight Manager 4.1 Sp1
• HP Systems Insight Manager 4.2
• HP Systems Insight Manager 4.2 SP1
• HP Systems Insight Manager 4.2 SP2
• HP Systems Insight Manager 5.0
• HP Systems Insight Manager 5.0 SP1
• HP Systems Insight Manager 5.0 SP2
• HP Systems Insight Manager 5.0 SP3
• HP Systems Insight Manager 5.0 SP5
• HP Systems Insight Manager 5.0 SP6
• HP Systems Insight Manager 5.1 SP1
• HP Systems Insight Manager 5.2 SP2
• HP Systems Insight Manager 5.3
• HP Systems Insight Manager 5.3 Update 1
• HP Systems Insight Manager 6.0
• HP Systems Insight Manager 6.0.0.96
• HP Systems Insight Manager 6.1
• HP Systems Insight Manager 6.2
• HP Systems Insight Manager 6.3

References

• BugTraq: 50869
• CVE: CVE-2011-2461