Adobe Flash Player and AIR URI Parsing Cross Domain Scripting Vulnerability
Adobe Flash Player and Adobe AIR are prone to a cross-domain scripting vulnerability.
A remote attacker can exploit this vulnerability to bypass the same-origin policy, execute arbitrary script code and obtain potentially sensitive information, or launch spoofing attacks against other sites.
This issue only affects Firefox and Chrome browsers.
NOTE: This issue was previously covered in BID 40759 (Adobe Flash Player 10.0.45.2 and AIR 126.96.36.19930 Multiple Remote Vulnerabilities) but has been given its own record to better document it.