2 matches found
CVE-2015-7369
Revive Adserver before 3.2.2 is affected by multiple CVEs (including CVE-2015-7369: overly permissive crossdomain.xml) that enable cross-domain attacks and session cookie exposure. Core issue: default crossdomain.xml permissions allow access from other domains, facilitating cross-domain attacks. ...
CVE-2015-7369
The default Flash cross-domain policy crossdomain.xml in Revive Adserver before 3.2.2 does not restrict access cross domain access, which allows remote attackers to conduct cross domain attacks via unspecified vectors...