Adobe Flash Player and AIR Domain Sandbox Bypass Vulnerability (APSB10-06)

By | February 28, 2017

Two (2) potential risks associated with this vulnerability are

  1. Denial of Service issue (CVE-2010-0187)
  2. Allowing users to make unauthorized cross-domain requests

We recommend verifying the version number of the present adobe flash player and then reviewing the solution in order to resolve this issue. See below on how to verify the version number and reviewing the solution.

Verify Version Number

Steps

  1. To verify the Adobe Flash Player version number installed on your system, access the About Flash Player page,
  2. or right-click on content running in Flash Player and select “About Adobe (or Macromedia) Flash Player” from the menu.
  3. If you use multiple browsers, perform the check for each browser you have installed on your system.

To verify the Adobe AIR version number installed on your system, access the Adobe AIR TechNote for instructions

Solution

Upgrade to Adobe Flash Player 10.0.45.2 or later to resolve this issue. The update is available for download from the Adobe Flash Player Download Site.

For Adobe AIR update to Version 1.5.3.1930 or later to resolve this issue. The update is available for download from the Adobe AIR Download Site.

Click here to refer to vendor advisory

Leave a Reply

Your email address will not be published. Required fields are marked *