.swf files. Visit the security bulletin for YUI 2.8.2 for full details about how to identify and replace affected files.
If your site hosts a YUI 2 distribution between version 2.4.0 and 2.8.1 that includes these files, it is affected by this vulnerability.
If your site loads YUI 2 from Yahoo’s CDN (
yui.yahooapis.com) or from Google’s CDN (
ajax.googleapis.com), and the files are not hosted on your own domain, you are not affected. YUI 3 is not affected by this issue.
You can download YUI 2.8.2 (and patched versions of YUI 2.4.0-2.8.1) from the YUILibrary.com downloads page.
See the security bulletin for information about how to determine whether your site is affected, how to remedy the problem, and how to verify the fix.