The host is installed with Adobe Flash Player 9.x before 9.0.124.0 or Adobe Air before 1.0.1 and is prone to a security bypass vulnerability. A flaw is present in the applications, which fail to handle a maliciously crafted SWF file. Successful exploitation could allow remote to bypass the allowScriptAccess control.