Sårbarhetslösningar |
||
| WatchMouse periodiska sårbarhetsskanning kontrollerar sårbarheten nedan. Om du vill se de senasta sårbarhetslösningarna som skannas av WatchMouse kan du gå till översikten med sårbarhetslösningar | ||
| Kategori: Windows | Riskfaktor: High | Tillagt: 19 Nov 2008 |
| Synopsis: The remote Windows host contains a runtime environment that is affected by multiple issues. Description: According to its version number, an instance of Adobe AIR on the remote Windows host is 1.5 or earlier. Such versions are potentially affected by several vulnerabilities : - A potential port-scanning issue. (CVE-2007-4324) - Possible privilege escalation attacks against web servers hosting Flash content and cross-domain policy files. (CVE-2007-6243) - Potential Clipboard attacks. (CVE-2008-3873) - FileReference upload and download APIs that don't require user interaction. (CVE-2008-4401) - A potential cross-site scripting vulnerability. (CVE-2008-4818) - A potential issue that could be leveraged in to conduct a DNS rebinding attack. (CVE-2008-4819) - An information disclosure issue affecting only the ActiveX control. (CVE-2008-4820) - An information disclosure issue involving interpretation of the 'jar:' protocol and affecting only the plugin for Mozilla browsers. (CVE-2008-4821) - An issue with policy file interpretation could potentially lead to bypass of a non-root domain policy. (CVE-2008-4822) - A potential HTML injection issue involving an ActionScript attribute. (CVE-2008-4823) - Multiple input validation errors could potentially lead to execution of arbitrary code. (CVE-2008-4824) - An Adobe AIR application that loads data from an untrusted source could allow an attacker to execute untrusted JavaScript with elevated privileges. (CVE-2008-5108) See also: http://www.adobe.com/support/security/bulletins/apsb08-18.html http://www.adobe.com/support/security/bulletins/apsb08-23.html Solution: Upgrade to Adobe AIR version 1.5 or later. Risk factor: High / CVSS Base Score : 9.3 (CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C) |
||
