Cross-site request forgery (CSRF) attacks vulnerability in Adobe Flash Player via crafted SWF content (rpm)ID: oval:org.secpod.oval:def:20162 | Date: (C)2014-07-15 (M)2023-11-26 |
Class: VULNERABILITY | Family: unix |
The host is installed with Adobe Flash Player before 11.2.202.394 and is prone to a cross-site request forgery attacks vulnerability. A flaw is present in the application, which fail to handle a crafted OBJECT element with SWF content. Successful exploitation could allow remote attackers to conduct cross-site request forgery (CSRF) attacks against JSONP endpoints
Product: |
Adobe Flash Player |