Cross-Site Request Forgery (CSRF) attack vulnerability in Adobe Flash Player (dpkg)ID: oval:org.secpod.oval:def:9811 | Date: (C)2013-03-18 (M)2023-11-27 |
Class: VULNERABILITY | Family: unix |
The host is installed with Adobe Flash Player 9.x before 9.0.124.0 or 8.x through 8.0.39.0 and is prone to a dns rebinding attack vulnerability. A flaw is present in the application, which fails to handle interaction error between Adobe Flash and multiple Universal Plug and Play (UPnP) services. Successful exploitation could allow remote attackers to conduct DNS rebinding attacks.
Product: |
Adobe Flash Player |