Two (2) potential risks associated with this vulnerability are
- Denial of Service issue (CVE-2010-0187)
- Allowing users to make unauthorized cross-domain requests
We recommend verifying the version number of the present adobe flash player and then reviewing the solution in order to resolve this issue. See below on how to verify the version number and reviewing the solution.
Verify Version Number
- To verify the Adobe Flash Player version number installed on your system, access the About Flash Player page,
- or right-click on content running in Flash Player and select “About Adobe (or Macromedia) Flash Player” from the menu.
- If you use multiple browsers, perform the check for each browser you have installed on your system.
To verify the Adobe AIR version number installed on your system, access the Adobe AIR TechNote for instructions
Upgrade to Adobe Flash Player 10.0.45.2 or later to resolve this issue. The update is available for download from the Adobe Flash Player Download Site.
For Adobe AIR update to Version 220.127.116.110 or later to resolve this issue. The update is available for download from the Adobe AIR Download Site.
Click here to refer to vendor advisory