SUSE CVE-2007-6244

Multiple cross-site scripting XSS vulnerabilities in Adobe Flash Player 9.x up to 9.0.48.0 and 8.x up to 8.0.35.0 allow remote attackers to inject arbitrary web script or HTML via 1 a SWF file that uses the asfunction: protocol or 2 the navigateToURL function when used with the Flash Player Activ...

CVE-2012-3351

Multiple cross-site scripting XSS vulnerabilities in LongTail Video JW Player through 5.10.2295 allow remote attackers to inject arbitrary web script or HTML via the 1 link, 2 logo.link, or 3 aboutlink parameter, or a nested URI scheme name for 4 javascript, 5 asfunction, or 6 vbscript...

CVE-2008-6062

Cross-site scripting XSS vulnerability in ActionScript in arbitrary Shockwave Flash SWF files created by Adobe Dreamweaver, when the Insert Flash Video feature is used, allows remote attackers to inject arbitrary web script or HTML via an asfunction: URI in the skinName parameter. NOTE: this may...

Adobe Flash Player asfunction protocol may enable cross-site scripting

Overview The Adobe Flash player asfunction protocol could allow an attacker to conduct cross-site scripting attacks on websites that host vulnerable Flash files. Description The Adobe Flash Player is a player for the Flash media format and enables frame-based animations and multimedia to be viewe...

flash: XSS via asfunction protocol

Multiple cross-site scripting XSS vulnerabilities in Adobe Flash Player 9.x up to 9.0.48.0 and 8.x up to 8.0.35.0 allow remote attackers to inject arbitrary web script or HTML via 1 a SWF file that uses the asfunction: protocol or 2 the navigateToURL function when used with the Flash Player Activ...