Test Kennung:	1.3.6.1.4.1.25623.1.0.900829
Kategorie:	General
Titel:	Adobe Flex SDK Cross-Site Scripting Vulnerability (Windows)
Zusammenfassung:	This host is installed with Adobe Flex SDK and is prone to; Cross-Site Scripting vulnerability.
Beschreibung:	Summary: This host is installed with Adobe Flex SDK and is prone to Cross-Site Scripting vulnerability. Vulnerability Insight: The flaw is due to error in 'index.template.html' in the express-install templates and it occurs when the installed Flash version is older than a specified 'requiredMajorVersion' value. Vulnerability Impact: Successful exploitation could allow remote attackers to cause XSS attacks by injecting arbitrary web script or HTML via the query string on the affected application. Affected Software/OS: Adobe Flex SDK version prior to 3.4 on Windows Solution: Upgrade to Flex SDK version 3.4. **************************************************************** Note: This script detects Adobe Flex SDK installed as part of Adobe Flex Builder only. If SDK is installed separately, manual verification is required. **************************************************************** CVSS Score: 2.6 CVSS Vector: AV:N/AC:H/Au:N/C:N/I:P/A:N
Querverweis:	BugTraq ID: 36087 Common Vulnerability Exposure (CVE) ID: CVE-2009-1879 Bugtraq: 20090819 Adobe Flex 3.3 SDK DOM-Based XSS (Google Search) http://www.securityfocus.com/archive/1/505948/100/0/threaded http://www.gdssecurity.com/l/b/2009/08/20/adobe-flex-3-3-sdk-dom-based-xss/ http://securitytracker.com/id?1022748 http://secunia.com/advisories/36374 XForce ISS Database: flex-indextemplate-xss(52608) https://exchange.xforce.ibmcloud.com/vulnerabilities/52608
Copyright	Copyright (C) 2009 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.