Good Morning , I'm working on a vulnerabiltiy assessment for a workstation that has Macromedia Suite 8 installed.
Nessus reported that Macromedia Dreamweaver version 8.0.0.2734 was installed and there are multiple SQL Injection vulnerabilities in the code generated by Macromedia Dreamweaver prior to version 8.0.2. Plug in 20811 shows the Dreamweaver version 8.0.0.2734 installed, but I was unable to find any plug in to alert for CVE-2006-2042 ( http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-2042 )? NIST rates the severity of this vulnerability as a high. The vulnerability is remotely exploitable and does not require authentication to exploit. Impact Type: Provides unauthorized access, Allows partial confidentiality, integrity, and availability violation , Allows disruption of service The solution to the problem is to Install the free updater so the Dreamweaver is updated to version 8.0.2 and recreate the server components to use the new more secure code. I just wanted to check and make sure that my software is working correctly, and that I didn't miss a check for the Dreamweaver version being out of date. Thank You Take Care and Have Fun --John _______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
