HTTP: Adobe Flash Player ActionScript 2 Cross Domain Remote Code Execution
This signature detects attempts to exploit a known vulnerability against Adobe Flash Player. A successful attack can lead to arbitrary code execution.
Extended Description
Adobe Flash Player is prone to a cross-site scripting vulnerability. An attacker can exploit this issue by enticing an unsuspecting victim into visiting a malicious website. An attacker can leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of an arbitrary website. This could allow the attacker to steal cookie-based authentication credentials and launch other attacks.
Affected Products
Xerox freeflow_print_server_(ffps),Adobe flash_player
Short Name
HTTP:STC:ADOBE:FLASH-XDOMAIN
Severity
Major
Recommended
False
Recommended Action
None
Category
HTTP
Keywords
2 ActionScript Adobe CVE-2011-2444 Code Cross Domain Execution Flash Player Remote bid:49710
Release Date
09/27/2011
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3575
False Positive
Rarely
Vendors
Red_hat
Research_in_motion
Adobe
Gentoo
Sun
Hp
Avaya
Xerox
Suse
CVSS Score
4.3