Adobe Plugs Dreamweaver SQL Injection Flaw

Patch Watch: Security vulnerabilities have been fixed in products from Adobe, Cisco and Verisign.

Web tools vendor Adobe Systems has acknowledged that code generated by its Macromedia Dreamweaver suite could allow SQL injection attacks.

According to an advisory from Adobe, the flaw was confirmed on Dreamweaver version 8.0.2 and earlier. It affects the ColdFusion, PHP mySQL, ASP, ASP.NET and JSP server models.

"If the database server is configured to allow local system commands to be executed via database calls, this vulnerability may also allow local code execution," said Brian Gallagher, the security researcher who reported the issue to Adobe.

Dreamweaver offers RAD (rapid-application design) tools for the creation of Internet and Intranet applications for a variety of server models (databases and languages).

The security issue exists because the code generated automatically by these functions does not properly validate input and are vulnerable to SQL Injection attacks from remote users, Gallagher explained.

Cisco Patches AVS Spoofing Flaw

Network routing and switching giant Cisco Systems has released a new version of its AVS (Application Velocity System) software to fix a "moderately critical" vulnerability that puts users at risk of security bypass and spoofing attacks.

/zimages/5/28571.gifClick here to read about recent patches for Adobe Photoshop and Illustrator.

In an alert posted online, the company said the issue affects Cisco AVS 3120 and Cisco AVS 3110.

The problem is caused by insecure default settings that allows anyone to use the device as an open relay to any TCP service able to process data embedded in HTTP POST requests. This can be exploited by malicious attackers to use the device as an open relay, Cisco said.

According to Ciscos security response team, the issue is actively exploited to send unsolicited commercial e-mails and obscure the true originator.

Code Execution Bug in Verisign i-NAV Plug-in

A "highly critical" flaw the Verisigns i-Nav ActiveX control could put users at risk of system access attacks, according to a warning from Tipping Points Zero Day Initiative.

The vulnerability, which has been fixed by Verisign, allows remote attackers to execute arbitrary code on vulnerable installations of the Verisign i-Nav ActiveX control. "User interaction is required to exploit this vulnerability in that the target must visit a malicious Web page," according to the alert.

The specific flaw exists within the "VUpdater.Install" ActiveX control which is used to provide native support for IDNs (Internationalized Domain Names) in Microsofts Internet Explorer, Outlook and Outlook Express products.

"Due to the lack of verification on Microsoft Cabinet (.CAB) files from the "InstallProduct" routine, an attacker can specify an arbitrary executable to run under the context of the current user," the company said.

/zimages/5/28571.gifCheck out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at Security Center Editor Larry Seltzers Weblog.