Adobe Flex SDK Flex-Generated SWF File Cross-Site Scripting (APSB11-25; CVE-2011-2461)

A Cross-site scripting vulnerability has been reported in Adobe Flex SDK. The vulnerability is due to an error in the way Flex-generated SWF files accept arguments. A remote attacker could exploit this vulnerability by enticing a user to open a web page containing an embedded malformed SWF file...