Found: Possible Vector for Superbowl Websites Malicious JavaScript Insertion
We've received information that the likely common vector for how the web sites were compromised appears to be through the use of Dreamweaver.

There is not a flaw in Dreamweaver that was exploited.  It was a case of lazy programming on the parts of site developers who did not do a good job of "input validation" so attackers were able to do "sql injection" attacks.

78 Posts
Feb 7th 2007

Sign Up for Free or Log In to start participating in the conversation!