Oval Definition:	oval:org.mitre.oval:def:24909
Revision Date: 2015-08-03 Version: 40 Title: Adobe Flash Player 9.x up to 9.0.48.0, 8.x up to 8.0.35.0, and 7.x up to 7.0.70.0 does not sufficiently restrict the interpretation and usage of cross-domain policy files, which makes it easier for remote attackers to conduct cross-domain and cross-site scripting (XSS) attacks. Description: Adobe Flash Player 9.x up to 9.0.48.0, 8.x up to 8.0.35.0, and 7.x up to 7.0.70.0 does not sufficiently restrict the interpretation and usage of cross-domain policy files, which makes it easier for remote attackers to conduct cross-domain and cross-site scripting (XSS) attacks. Family: windows Class: vulnerability Status: ACCEPTED Reference(s): CVE-2007-6243 Platform(s): Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Vista Microsoft Windows XP Product(s): Adobe Flash Player Definition Synopsis Adobe Flash Player section Adobe Flash Player 9 is installed AND Adobe Flash Player version is less than or equal 9.0.48.0 OR Flash.ocx section ActiveX Control is installed AND Determine if the version of Flash.ocx is less than or equal 9.0.48.0 AND Determine if the version of Flash.ocx is greater than or equal 9.0
BACK