CVE-2009-1879

Name of the Vulnerable Software and Affected Versions: Adobe Flex versions prior to 3.4

Description: A cross-site scripting (XSS) issue exists in the express-install templates in the SDK, specifically in index.template.html. This occurs when the installed Flash version is older than a specified requiredMajorVersion value, allowing remote attackers to inject arbitrary web script or HTML via the query string.

Recommendations: For Adobe Flex versions prior to 3.4, update to version 3.4 or later to resolve the issue.