Adobe Connect Multiple Security Vulnerabilities

Adobe Connect is prone to multiple security vulnerabilities.

Successfully exploiting these issues may allow attackers to bypass security restrictions, gain unauthorized access to the affected application, obtain sensitive information or to execute arbitrary script code in the context of the affected website. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. Other attacks are also possible.


Bugtraq ID: 101838
Class: Design Error
CVE: CVE-2017-11291

Remote: Yes
Local: No
Published: Nov 14 2017 12:00AM
Updated: Dec 17 2017 03:11AM
Credit: Adam Willard of Blue Canopy, Alexis Laborier, Pedro Cardoso and Deniz CEVIK from Biznet Bilisim A.S.
Vulnerable: Adobe Connect 9.6.2
Adobe Connect 9.6.1
Adobe Connect 9.5.7
Adobe Connect 9.5.6
Adobe Connect 9.5.3
Adobe Connect 9.5.2
Adobe Connect 9.4.2
Adobe Connect 9.4
Adobe Connect 9.3

Not Vulnerable: Adobe Connect 9.7


An attacker can exploit this issue by enticing an unsuspecting victim to view a malicious webpage.

Related Posts