Adobe Security Bulletin

Security vulnerability in output of Adobe Flex ASdoc Tool 

Release date: April 14, 2015

Vulnerability identifier: APSB15-08

Priority: See table below

CVE number: CVE-2015-1773

Platform: All Platforms

Summary

An important vulnerability has been identified in the JavaScript output of the ASDoc tool available in Adobe Flex 4.6 and earlier versions.  This vulnerability could lead to reflected cross-site scripting.  Adobe recommends users perform the actions referenced in the "Solutions" section below to remediate this vulnerability.

Affected software versions

  • Adobe Flex 4.6 and earlier versions

Solution

Adobe recommends users follow the steps below to remediate this issue:

  1. Download the index.html file available here
  2. Apply any modifications to the existing index.html file (ex. update the page title)
  3. Deploy the results to the web site

Priority and severity ratings

Adobe categorizes this issue with the following priority rating:

Product

Affected versions

Platform

Priority rating

Adobe Flex

4.6 and earlier

All

3

This bulletin addresses an important vulnerability in the software.

Acknowledgments

Adobe would like to thank Radjnies Bhansingh of Securify BV for reporting this issue. 

 Adobe

Get help faster and easier

New user?

Adobe MAX 2024

Adobe MAX
The Creativity Conference

Oct 14–16 Miami Beach and online

Adobe MAX

The Creativity Conference

Oct 14–16 Miami Beach and online

Adobe MAX 2024

Adobe MAX
The Creativity Conference

Oct 14–16 Miami Beach and online

Adobe MAX

The Creativity Conference

Oct 14–16 Miami Beach and online