The host is installed with Adobe Flash Player 10.3.181.36 or before or Adobe AIR 2.7 or before and is prone to cross site information disclosure vulnerability. A flaw is present in the applications which fail to properly handle cookie-based authentication. Successful exploitation allows remote attackers to execute remote code.