Adobe Security Bulletin

Release date: April 14, 2015

Vulnerability identifier: APSB15-08

CVE number: CVE-2015-1773

Platform: All Platforms

An important vulnerability has been identified in the JavaScript output of the ASDoc tool available in Adobe Flex 4.6 and earlier versions. This vulnerability could lead to reflected cross-site scripting. Adobe recommends users perform the actions referenced in the "Solutions" section below to remediate this vulnerability.

Adobe Flex 4.6 and earlier versions

Adobe recommends users follow the steps below to remediate this issue:

Download the index.html file available here
Apply any modifications to the existing index.html file (ex. update the page title)
Deploy the results to the web site

Adobe categorizes this issue with the following priority rating:

Product	Affected versions	Platform	Priority rating
Adobe Flex	4.6 and earlier	All	3

This bulletin addresses an important vulnerability in the software.

Adobe would like to thank Radjnies Bhansingh of Securify BV for reporting this issue.

Adobe Security Bulletin

Security vulnerability in output of Adobe Flex ASdoc Tool

Summary

Affected software versions

Solution

Priority and severity ratings

Acknowledgments

Ask the Community

Contact Us