CVE-2011-2444 Information
Share on:Description
Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 10.3.183.10 on Windows Mac OS X Linux and Solaris and before 10.3.186.7 on Android allows remote attackers to inject arbitrary web script or HTML via a crafted URL related to a \universal cross-site scripting issue\ as exploited in the wild in September 2011.
Reference
http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_20.html http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00025.html http://secunia.com/advisories/48308 http://www.adobe.com/support/security/bulletins/apsb11-26.html http://www.redhat.com/support/errata/RHSA-2011-1333.html https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A14050 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A15272