CVE-2010-2179 Information

Description

Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64 and Adobe AIR before 2.0.2.12610 when Firefox or Chrome is used allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to URL parsing.

Reference

http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751 http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html http://secunia.com/advisories/40144 http://secunia.com/advisories/40545 http://secunia.com/advisories/43026 http://security.gentoo.org/glsa/glsa-201101-09.xml http://securitytracker.com/id?1024085 http://securitytracker.com/id?1024086 http://support.apple.com/kb/HT4435 http://www.adobe.com/support/security/bulletins/apsb10-14.html http://www.redhat.com/support/errata/RHSA-2010-0464.html http://www.redhat.com/support/errata/RHSA-2010-0470.html http://www.securityfocus.com/bid/40759 http://www.securityfocus.com/bid/40808 http://www.turbolinux.co.jp/security/2010/TLSA-2010-19j.txt http://www.us-cert.gov/cas/techalerts/TA10-162A.html http://www.vupen.com/english/advisories/2010/1421 http://www.vupen.com/english/advisories/2010/1432 http://www.vupen.com/english/advisories/2010/1434 http://www.vupen.com/english/advisories/2010/1453 http://www.vupen.com/english/advisories/2010/1482 http://www.vupen.com/english/advisories/2010/1522 http://www.vupen.com/english/advisories/2010/1793 http://www.vupen.com/english/advisories/2011/0192 https://exchange.xforce.ibmcloud.com/vulnerabilities/59328 adobe-player-air-url-xss(59328) https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A7126