Intrusion Prevention



This indicates an attempt to exploit a cross-site scripting (XSS) vulnerability in the Adobe Flex application.
The vulnerability is caused the application's failure to properly sanitize user-supplied input. An attacker may exploit this vulnerability to steal authentication information from the victim's cookies, and to execute arbitrary scripting code.

Affected Products

Adobe Flex 3.0.1 SDK and Flex Builder 3.


System Compromise: remote attackers can inject arbitrary web scripts or HTML.

Recommended Actions

Apply the fix (3.0.2 SDK Update), available from the following websites:

CVE References