HTTP: Adobe Flash Player Cross Site Request Forgery Attempt
This signature detects attempts to exploit a known vulnerability against Adobe Flash Player. A successful attack can lead to cross site forgery resulting in unauthorized access to remote systems.
Extended Description
Adobe Flash Player is prone to an unspecified cross-site scripting vulnerability. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
Affected Products
Xerox freeflow_print_server_(ffps),Red_hat enterprise_linux_as_extras
Short Name
HTTP:STC:ADOBE:FLASH-XSRF
Severity
Minor
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
Adobe Attempt CVE-2011-2139 Cross Flash Forgery Player Request Site bid:49086
Release Date
08/23/2011
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Unknown
Vendors
Red_hat
Adobe
Gentoo
Sun
Hp
Xerox
Avaya
Suse
CVSS Score
6.4