Oval Definition:	oval:org.mitre.oval:def:6648
Revision Date: 2015-08-03 Version: 45 Title: Adobe Flash Player and AIR Sandbox Bypass Information Disclosure Vulnerability Description: Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to obtain sensitive information via vectors involving saving an SWF file to a hard drive, related to a "local sandbox vulnerability." Family: windows Class: vulnerability Status: ACCEPTED Reference(s): CVE-2009-1870 Platform(s): Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Vista Microsoft Windows XP Product(s): Adobe AIR Adobe Flash Player Definition Synopsis Vulnerable version of Adobe AIR Adobe AIR is installed AND Adobe AIR version is less than 1.5.2 OR Vulnerable version of Adobe Flash Player 10 Adobe Flash Player 10 is installed AND Adobe Flash Player version is less than 10.0.32.18 OR Vulnerable version of Adobe Flash Player 9 Adobe Flash Player 9 is installed AND Adobe Flash Player version is less than 9.0.246.0 OR Flash.ocx section ActiveX Control is installed AND Flash.ocx versions section Determine if the version of Flash.ocx is less than 10.0.32.18 OR Determine if the version of Flash.ocx is less than 9.0.246.0
BACK