CVE-2017-3103
https://notcve.org/view.php?id=CVE-2017-3103
Adobe Connect versions 9.6.1 and earlier have a stored cross-site scripting vulnerability. Successful exploitation could lead to a stored cross-site scripting attack. Adobe Connect versiones 9.6.1 y anteriores, presenta una vulnerabilidad de tipo cross-site scripting almacenado. Una explotación con éxito podría conllevar a un ataque de tipo cross-site scripting (XSS) almacenado. • http://www.securityfocus.com/bid/99518 http://www.securitytracker.com/id/1038846 https://helpx.adobe.com/security/products/connect/apsb17-22.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2016-7851 – Adobe Connect 9.5.7 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2016-7851
Adobe Connect version 9.5.6 and earlier does not adequately validate input in the events registration module. This vulnerability could be exploited in cross-site scripting attacks. Adobe Connect versión 9.5.6 y versiones anteriores no valida adecuadamente entradas en el módulo de registro de eventos. Esta vulnerabilidad puede ser explotada en ataques de XSS. • https://www.exploit-db.com/exploits/40742 http://www.securityfocus.com/bid/94152 http://www.securitytracker.com/id/1037239 https://helpx.adobe.com/security/products/connect/apsb16-35.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2016-4118
https://notcve.org/view.php?id=CVE-2016-4118
Untrusted search path vulnerability in the installer in Adobe Connect Add-In before 11.9.976.291 on Windows allows local users to gain privileges via unspecified vectors. Vulnerabilidad de ruta de búsqueda no fiable en el instalador en Adobe Connect Add-In en versiones anteriores a la 11.9.976.291 en Windows permite que usuarios locales obtengan privilegios mediante vectores sin especificar. • http://www.securityfocus.com/bid/90815 http://www.securitytracker.com/id/1035958 https://helpx.adobe.com/security/products/connect/apsb16-17.html • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2016-0950
https://notcve.org/view.php?id=CVE-2016-0950
Adobe Connect before 9.5.2 allows remote attackers to spoof the user interface via unspecified vectors. Adobe Connect en versiones anteriores a 9.5.2 permite a atacantes remotos suplantar la interfaz de usuario a través de vectores no especificados. • http://www.securitytracker.com/id/1034978 https://helpx.adobe.com/security/products/connect/apsb16-07.html • CWE-20: Improper Input Validation CWE-254: 7PK - Security Features •
CVE-2016-0949
https://notcve.org/view.php?id=CVE-2016-0949
Adobe Connect before 9.5.2 allows remote attackers to have an unspecified impact via a crafted parameter in a URL. Adobe Connect en versiones anteriores a 9.5.2 permite a atacantes remotos tener un impacto no especificado a través de un parámetro manipulado en una URL. • http://www.securitytracker.com/id/1034978 https://helpx.adobe.com/security/products/connect/apsb16-07.html •