 |
|
|
|
| Vulnerability details : |
| |
 |
|
Macromedia Dreamweaver MX accessdenied PHP XSS |
|
|
Fiche créée le 2003-08-06 14:07:05, dernière mise à jour le 2007-12-12 07:26:34
A vulnerability has been identified in Macromedia Dreamweaver MX PHP
Authentication allowing malicious users to conduct Cross Site
Scripting attacks.
The problem is that the "accessdenied" parameter isn't properly
verified before it is returned to the user. This affects all scripts,
which use the PHP Authentication.
The vulnerability affects Dreamweaver 6 and 6.1.
|
| |
| Macromedia, Inc. 6 Affected | | Macromedia, Inc. 6.1 Affected | | Macromedia, Inc. 6.x Affected | | | Attack Type : Input Manipulation
XSS, SQL injection, file retrieval, directory traversal, overflows, URL encoding. | Découvert le 2003-08-06 17:56:17
| Impact : Loss of Integrity
Assurance that data is unaltered by unauthorized persons.
Examples: XSS, arbitrary command execution, most overflows, most format strings, SQL injection, unauthorized file modification/deletion/creation, remote file inclusion, etc. | | | Location : Remote / Network Access
If network access if required and exploit can be done remotely. | | | OSVDB : Web Related
The vulnerability is a web issue and will have an associated security check. | | |
| |
| External refs : |
| OSVDB 2124 | | | | | | | | | | |
| |
| |
| |
| |
|
|
|
|
| Free consultation (search) |
|
|
|
|
|
| |
|
|
|
