Found: Possible Vector for Superbowl Websites Malicious JavaScript Insertion

Published: 2007-02-07
Last Updated: 2007-02-07 21:41:45 UTC
by David Goldsmith (Version: 1)
0 comment(s)
We've received information that the likely common vector for how the web sites were compromised appears to be through the use of Dreamweaver.

There is not a flaw in Dreamweaver that was exploited.  It was a case of lazy programming on the parts of site developers who did not do a good job of "input validation" so attackers were able to do "sql injection" attacks.
0 comment(s)


Diary Archives