CVE-2012-0767 Information

Description

Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows Mac OS X Linux and Solaris; before 11.1.111.6 on Android 2.x and 3.x; and before 11.1.115.6 on Android 4.x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors aka \Universal XSS (UXSS)\ as exploited in the wild in February 2012.

Reference

http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00014.html http://rhn.redhat.com/errata/RHSA-2012-0144.html http://secunia.com/advisories/48265 http://secunia.com/advisories/48819 http://security.gentoo.org/glsa/glsa-201204-07.xml http://www.adobe.com/support/security/bulletins/apsb12-03.html https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A14806 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A15933