Adobe AIR <= 22.214.171.124 Android Applications Runtime Analytics MitM (APSB16-31)
Medium Nessus Plugin ID 93523
SynopsisThe remote Windows host has a browser plugin installed that is affected by a man-in-the-middle vulnerability.
DescriptionThe version of Adobe AIR installed on the remote Windows host is prior or equal to version 126.96.36.199. It is, therefore, affected by a man-in-the-middle (MitM) vulnerability due to the cleartext transmission of runtime analytics for AIR applications on Android. A MitM attacker can exploit this to disclose or tamper with the runtime analytics.
Note that Nessus has not tested for this issues but has instead relied only on the application's self-reported version number.
SolutionUpgrade to Adobe AIR version 188.8.131.527 or later.