According to its version number, an instance of Adobe AIR on the remote Windows host is 1.5 or earlier. Such versions are potentially affected by several vulnerabilities :
A potential port-scanning issue. (CVE-2007-4324)
Possible privilege escalation attacks against web servers hosting Flash content and cross-domain policy files. (CVE-2007-6243)
Potential Clipboard attacks. (CVE-2008-3873)
FileReference upload and download APIs that don’t require user interaction. (CVE-2008-4401)
A potential cross-site scripting vulnerability. (CVE-2008-4818)
A potential issue that could be leveraged to conduct a DNS rebinding attack. (CVE-2008-4819)
An information disclosure issue affecting only the ActiveX control. (CVE-2008-4820)
An information disclosure issue involving interpretation of the 'jar: ’ protocol and affecting only the plugin for Mozilla browsers. (CVE-2008-4821)
An issue with policy file interpretation could potentially lead to bypass of a non-root domain policy. (CVE-2008-4822)
A potential HTML injection issue involving an ActionScript attribute. (CVE-2008-4823)
Multiple input validation errors could potentially lead to execution of arbitrary code. (CVE-2008-4824)
An Adobe AIR application that loads data from an untrusted source could allow an attacker to execute untrusted JavaScript with elevated privileges. (CVE-2008-5108)
Binary data 4760.prm
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4324
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6243
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3873
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4401
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4818
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4819
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4820
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4821
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4822
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4823
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4824
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5108
www.adobe.com/support/security/bulletins/apsb08-18.html
www.adobe.com/support/security/bulletins/apsb08-23.html