Adobe have released updated versions of Adobe Connect for Windows. The new update resolves a critical Server-Side Request Forgery (SSRF) vulnerability (CVE-2017-11291) that could be abused to bypass network access controls. The update contains also fixes to three input validation vulnerabilities (CVE-2017-11287, CVE-2017-11288, CVE-2017-11289) that could be used in cross-site scripting attacks. In additional to these the update contains a mitigation to help protect users from clickjacking attacks (CVE-2017-11290).
Affected versions:
- Adobe Connect earlier than 9.7
More information can be read from Adobe's security bulletin.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment