Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | |||
Test Kennung: | 1.3.6.1.4.1.25623.1.0.900829 |
Kategorie: | General |
Titel: | Adobe Flex SDK Cross-Site Scripting Vulnerability (Windows) |
Zusammenfassung: | This host is installed with Adobe Flex SDK and is prone to; Cross-Site Scripting vulnerability. |
Beschreibung: | Summary: This host is installed with Adobe Flex SDK and is prone to Cross-Site Scripting vulnerability. Vulnerability Insight: The flaw is due to error in 'index.template.html' in the express-install templates and it occurs when the installed Flash version is older than a specified 'requiredMajorVersion' value. Vulnerability Impact: Successful exploitation could allow remote attackers to cause XSS attacks by injecting arbitrary web script or HTML via the query string on the affected application. Affected Software/OS: Adobe Flex SDK version prior to 3.4 on Windows Solution: Upgrade to Flex SDK version 3.4. **************************************************************** Note: This script detects Adobe Flex SDK installed as part of Adobe Flex Builder only. If SDK is installed separately, manual verification is required. **************************************************************** CVSS Score: 2.6 CVSS Vector: AV:N/AC:H/Au:N/C:N/I:P/A:N |
Querverweis: |
BugTraq ID: 36087 Common Vulnerability Exposure (CVE) ID: CVE-2009-1879 Bugtraq: 20090819 Adobe Flex 3.3 SDK DOM-Based XSS (Google Search) http://www.securityfocus.com/archive/1/505948/100/0/threaded http://www.gdssecurity.com/l/b/2009/08/20/adobe-flex-3-3-sdk-dom-based-xss/ http://securitytracker.com/id?1022748 http://secunia.com/advisories/36374 XForce ISS Database: flex-indextemplate-xss(52608) https://exchange.xforce.ibmcloud.com/vulnerabilities/52608 |
Copyright | Copyright (C) 2009 Greenbone Networks GmbH |
Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |