Adobe Connect Multiple Security Vulnerabilities



Adobe Connect is prone to multiple security vulnerabilities.

Successfully exploiting these issues may allow attackers to bypass security restrictions, gain unauthorized access to the affected application, obtain sensitive information or to execute arbitrary script code in the context of the affected website. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. Other attacks are also possible.

Information

Bugtraq ID: 101838
Class: Design Error
CVE: CVE-2017-11291
CVE-2017-11287
CVE-2017-11288
CVE-2017-11289
CVE-2017-11290

Remote: Yes
Local: No
Published: Nov 14 2017 12:00AM
Updated: Dec 17 2017 03:11AM
Credit: Adam Willard of Blue Canopy, Alexis Laborier, Pedro Cardoso and Deniz CEVIK from Biznet Bilisim A.S.
Vulnerable: Adobe Connect 9.6.2
Adobe Connect 9.6.1
Adobe Connect 9.5.7
Adobe Connect 9.5.6
Adobe Connect 9.5.3
Adobe Connect 9.5.2
Adobe Connect 9.4.2
Adobe Connect 9.4
Adobe Connect 9.3


Not Vulnerable: Adobe Connect 9.7


Exploit


An attacker can exploit this issue by enticing an unsuspecting victim to view a malicious webpage.


Related Posts

Comments