Adobe: >> Flex Sdk >> 1.5 Security Vulnerabilities
Cross-site scripting (XSS) vulnerability in index.template.html in the express-install templates in the SDK in Adobe Flex before 3.4, when the installed Flash version is older than a specified requiredMajorVersion value, allows remote attackers to inject arbitrary web script or HTML via the query string.
CVSS Score
2.6
EPSS Score
0.098
Published
2009-08-21
Buffer overflow in Adobe Flash Player 8.0.24.0 and earlier, Flash Professional 8, Flash MX 2004, and Flex 1.5 allows user-assisted remote attackers to execute arbitrary code via a long, dynamically created string in a SWF movie.
CVSS Score
5.1
EPSS Score
0.579
Published
2006-09-12