Adobe Security Bulletin

Release date: April 14, 2015

Vulnerability identifier: APSB15-08

Priority: See table below

CVE number: CVE-2015-1773

Platform: All Platforms

An important vulnerability has been identified in the JavaScript output of the ASDoc tool available in Adobe Flex 4.6 and earlier versions.  This vulnerability could lead to reflected cross-site scripting.  Adobe recommends users perform the actions referenced in the "Solutions" section below to remediate this vulnerability.

• Adobe Flex 4.6 and earlier versions

Adobe recommends users follow the steps below to remediate this issue:

1. Download the index.html file available here
2. Apply any modifications to the existing index.html file (ex. update the page title)
3. Deploy the results to the web site

Adobe categorizes this issue with the following priority rating:

This bulletin addresses an important vulnerability in the software.

Adobe would like to thank Radjnies Bhansingh of Securify BV for reporting this issue.