Required CVE Record Information
Description
Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and Solaris, and before 10.3.186.7 on Android, allows remote attackers to inject arbitrary web script or HTML via a crafted URL, related to a "universal cross-site scripting issue," as exploited in the wild in September 2011.
References 7 Total
- secunia.com: 48308 third-party-advisory
- oval.cisecurity.org: oval:org.mitre.oval:def:15272 vdb-entrysignature
- lists.opensuse.org: SUSE-SU-2011:1063 vendor-advisory
- redhat.com: RHSA-2011:1333 vendor-advisory
- http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_20.html
- oval.cisecurity.org: oval:org.mitre.oval:def:14050 vdb-entrysignature
- http://www.adobe.com/support/security/bulletins/apsb11-26.html
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 7 Total
- secunia.com: 48308 third-party-advisoryx_transferred
- oval.cisecurity.org: oval:org.mitre.oval:def:15272 vdb-entrysignaturex_transferred
- lists.opensuse.org: SUSE-SU-2011:1063 vendor-advisoryx_transferred
- redhat.com: RHSA-2011:1333 vendor-advisoryx_transferred
- http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_20.html x_transferred
- oval.cisecurity.org: oval:org.mitre.oval:def:14050 vdb-entrysignaturex_transferred
- http://www.adobe.com/support/security/bulletins/apsb11-26.html x_transferred