Release date:
Updated on: 2011-06-06
Affected Systems:
Adobe Flash Player 9.x
Adobe Flash Player 10.x
Unaffected system:
Adobe Flash Player 10.3.181.23
Adobe Flash Player 10.3.181.22
Description:
--------------------------------------------------------------------------------
Bugtraq id: 48107
Cve id: CVE-2011-2107
Flash Player is a high-performance, lightweight, and expressive client runtime Player.
Adobe Flash Player has a cross-site scripting vulnerability. Remote attackers can exploit this vulnerability to execute arbitrary code in the browsers of affected sites, steal Cookie authentication creden。, and launch other attacks.
<* Source: vendor
Link: http://www.adobe.com/support/security/bulletins/apsb11-13.html
*>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
Adobe
-----
Adobe has released a Security Bulletin (APSB11-13) and patches for this:
APSB11-13: Security update available for Adobe Flash Player
Link: http://www.adobe.com/support/security/bulletins/apsb11-13.html