CPE Details
Adobe Dreamweaver 20.0
20.0
2021-02-16
12h29 +00:00
12h29 +00:00
2021-02-24
17h17 +00:00
17h17 +00:00
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
CPE Name: cpe:2.3:a:adobe:dreamweaver:20.0:*:*:*:*:*:*:*
Informations
Vendor
adobeProduct
dreamweaverVersion
20.0Related CVE
| CVE ID | Publié | Description | Score | Gravité |
|---|---|---|---|---|
| Dreamweaver Desktop versions 21.3 and earlier are affected by an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability that could lead in arbitrary code execution by an attacker. Exploitation of this issue does require user interaction. | 7.8 |
Haute |
||
| Adobe Dreamweaver versions 21.0 (and earlier) and 20.2 (and earlier) is affected by an untrusted search path vulnerability that could result in information disclosure. An attacker with physical access to the system could replace certain configuration files and dynamic libraries that Dreamweaver references, potentially resulting in information disclosure. | 6.2 |
Moyen |
||
| Dreamweaver version 20.2 (and earlier) is affected by an uncontrolled search path element vulnerability that could lead to privilege escalation. Successful exploitation could result in a local user with permissions to write to the file system running system commands with administrator privileges. | 7.8 |
Haute |
||
| Cross-site scripting (XSS) vulnerability in ActionScript in arbitrary Shockwave Flash (SWF) files created by Adobe Dreamweaver, when the Insert Flash Video feature is used, allows remote attackers to inject arbitrary web script or HTML via an asfunction: URI in the skinName parameter. NOTE: this may overlap CVE-2007-6242, CVE-2007-6244, or CVE-2007-6637. | 4.3 |
2025©
tesweb SA
