FreeBSD : linux-flashplugin -- XSS vulnerability (57573136-920e-11e0-bdc9-001b2134ef46)
Medium Nessus Plugin ID 55009
SynopsisThe remote FreeBSD host is missing one or more security-related updates.
DescriptionAdobe Product Security Incident Response Team reports :
An important vulnerability has been identified in Adobe Flash Player 10.3.181.16 and earlier versions for Windows, Macintosh, Linux and Solaris, and Adobe Flash Player 10.3.185.22 and earlier versions for Android. This universal cross-site scripting vulnerability (CVE-2011-2107) could be used to take actions on a user's behalf on any website or webmail provider, if the user visits a malicious website. There are reports that this vulnerability is being exploited in the wild in active targeted attacks designed to trick the user into clicking on a malicious link delivered in an email message.
SolutionUpdate the affected packages.