Good Morning , I'm working on a vulnerabiltiy assessment for a workstation
that has Macromedia Suite 8 installed.
Nessus reported that Macromedia Dreamweaver version 8.0.0.2734 was installed
and there are multiple SQL Injection vulnerabilities in the code generated by
Macromedia Dreamweaver prior to version 8.0.2.
Plug in 20811 shows the Dreamweaver version 8.0.0.2734 installed, but I was
unable to find any plug in to alert for CVE-2006-2042 (
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-2042 )?
NIST rates the severity of this vulnerability as a high. The vulnerability is
remotely exploitable and does not require authentication to exploit.
Impact Type: Provides unauthorized access, Allows partial confidentiality,
integrity, and availability violation , Allows disruption of service
The solution to the problem is to Install the free updater so the Dreamweaver
is updated to version 8.0.2 and recreate the server components to use the new
more secure code.
I just wanted to check and make sure that my software is working correctly, and
that I didn't miss a check for the Dreamweaver version being out of date.
Thank You
Take Care and Have Fun --John
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
|