Session Token Disclosure Vulnerability in Adobe Flash Player and Adobe AIR

Session Token Disclosure Vulnerability in Adobe Flash Player and Adobe AIR

CVE-2014-8437 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow remote attackers to discover session tokens via unspecified vectors.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.