The problem allows cross-site scripting attacks via websites. US-Cert said there are reported vulnerabilities in Flash (SWF) files that may allow a remote, unauthenticated attacker to conduct cross-site scripting attacks on a vulnerable system.
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
The Flash file problem comes as US-Cert also reports there is exploit code in the wild to take advantage of a flaw in RealPlayer. The exploit reportedly affects RealPlayer 11 build 220.127.116.118.
US-Cert will provide more information on this problem at a later date.