Cross-Site Request Forgery (CSRF) attack vulnerability in Adobe Flash Player (rpm)
|ID: oval:org.secpod.oval:def:9810||Date: (C)2013-03-18 (M)2018-01-19|
|Class: VULNERABILITY||Family: unix|
The host is installed with Adobe Flash Player 9.x before 188.8.131.52 or 8.x through 184.108.40.206 and is prone to a dns rebinding attack vulnerability. A flaw is present in the application, which fails to handle interaction error between Adobe Flash and multiple Universal Plug and Play (UPnP) services. Successful exploitation could allow remote attackers to conduct DNS rebinding attacks.
|Adobe Flash Player|