3 matches found
SUSE CVE-2007-6244
Multiple cross-site scripting XSS vulnerabilities in Adobe Flash Player 9.x up to 9.0.48.0 and 8.x up to 8.0.35.0 allow remote attackers to inject arbitrary web script or HTML via 1 a SWF file that uses the asfunction: protocol or 2 the navigateToURL function when used with the Flash Player Activ...
Adobe Flash Player asfunction protocol may enable cross-site scripting
Overview The Adobe Flash player asfunction protocol could allow an attacker to conduct cross-site scripting attacks on websites that host vulnerable Flash files. Description The Adobe Flash Player is a player for the Flash media format and enables frame-based animations and multimedia to be viewe...
flash: XSS via asfunction protocol
Multiple cross-site scripting XSS vulnerabilities in Adobe Flash Player 9.x up to 9.0.48.0 and 8.x up to 8.0.35.0 allow remote attackers to inject arbitrary web script or HTML via 1 a SWF file that uses the asfunction: protocol or 2 the navigateToURL function when used with the Flash Player Activ...