CVE Reference: CVE-2011-2444

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE:
CVE-2011-2444

Description:
Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and Solaris, and before 10.3.186.7 on Android, allows remote attackers to inject arbitrary web script or HTML via a crafted URL, related to a "universal cross-site scripting issue," as exploited in the wild in September 2011.

CVE Status:
Candidate

References:

SUSE
  http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00025.html

REDHAT
  http://www.redhat.com/support/errata/RHSA-2011-1333.html

OVAL
  http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:14050
  http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:15272

CONFIRM
  http://www.adobe.com/support/security/bulletins/apsb11-26.html
  http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_20.html


Return to the previous page.