Lucene search

MitreCVE-2006-2042

HistoryMay 09, 2006 - 7:02 p.m.

CVE-2006-2042

2006-05-0919:02:00

mitre

web.nvd.nist.gov

adobe

dreamweaver

sql injection

vulnerability

coldfusion

php

mysql

asp

asp.net

jsp

nvd

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.7

Confidence

Low

EPSS

0.01

Percentile

84.0%

JSON

Adobe Dreamweaver 8 before 8.0.2 and MX 2004 can generate code that allows SQL injection attacks in the (1) ColdFusion, (2) PHP mySQL, (3) ASP, (4) ASP.NET, and (5) JSP server models.

Affected configurations

Nvd

Node

adobedreamweaverMatch7.0

adobedreamweaverMatch8.0

VendorProductVersionCPE
adobedreamweaver7.0cpe:2.3:a:adobe:dreamweaver:7.0:*:*:*:*:*:*:*
adobedreamweaver8.0cpe:2.3:a:adobe:dreamweaver:8.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
adobe	dreamweaver	7.0	cpe:2.3:a:adobe:dreamweaver:7.0:::::::*
adobe	dreamweaver	8.0	cpe:2.3:a:adobe:dreamweaver:8.0:::::::*

References

archives.neohapsis.com/archives/bugtraq/2006-05/0194.html

secunia.com/advisories/20054

securitytracker.com/id?1016050

www.adobe.com/support/security/bulletins/apsb06-07.html

www.osvdb.org/25361

www.securityfocus.com/bid/17928

www.vupen.com/english/advisories/2006/1753

exchange.xforce.ibmcloud.com/vulnerabilities/26339

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.7

Confidence

Low

EPSS

0.01

Percentile

84.0%

JSON

Related for CVE-2006-2042