Flash Player < 10.3.181.22 XSS (APSB11-13)

This script is Copyright (C) 2011-2016 Tenable Network Security, Inc.


Synopsis :

A browser plugin is affected by a cross-scripting vulnerability.

Description :

An unspecified cross-site scripting vulnerability exists in versions
of Flash Player earlier than 10.3.181.22 (10.3.181.23 for ActiveX).

An attacker may be able to leverage this issue to inject and execute
arbitrary HTML and script code in a user's browser.

See also :

http://www.adobe.com/support/security/bulletins/apsb11-13.html

Solution :

Upgrade to Adobe Flash version 10.3.181.22 (10.3.181.23 for ActiveX) or later.

Risk factor :

Medium / CVSS Base Score : 4.3
(CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N)
CVSS Temporal Score : 3.4
(CVSS2#E:POC/RL:OF/RC:C)
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 54972 ()

Bugtraq ID: 48107

CVE ID: CVE-2011-2107

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now