The host is installed with Adobe Flash Player 10.3.181.36 or earlier or Adobe AIR 2.7 or earlier and is prone to cross site information disclosure vulnerability. A flaw is present in the applications which fail to properly handle cookie-based authentication. Successful exploitation allows remote attackers to execute remote code.