Oval Definition:	oval:org.mitre.oval:def:24682
Revision Date: 2015-08-03 Version: 41 Title: Multiple cross-site scripting (XSS) vulnerabilities in Adobe Flash Player allow remote attackers to inject arbitrary web script or HTML via a crafted SWF file Description: Multiple cross-site scripting (XSS) vulnerabilities in Adobe Flash Player allow remote attackers to inject arbitrary web script or HTML via a crafted SWF file, related to "pre-generated SWF files" and Adobe Dreamweaver CS3 or Adobe Acrobat Connect. NOTE: the asfunction: vector is already covered by CVE-2007-6244.1. Family: windows Class: vulnerability Status: ACCEPTED Reference(s): CVE-2007-6637 Platform(s): Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Vista Microsoft Windows XP Product(s): Adobe Flash Player Definition Synopsis Adobe Flash Player section Adobe Flash Player 9 is installed AND Adobe Flash Player version is less than or equal 9.0.115.0 OR Flash.ocx section ActiveX Control is installed AND Determine if the version of Flash.ocx is less than or equal 9.0.115.0 AND Determine if the version of Flash.ocx is greater than or equal 9.0
BACK