Full Disclosure mailing list archives
Re: adobe.com important subdomain SQL injection again!
From: Jeffrey Walton <noloader () gmail com>
Date: Sat, 18 Dec 2010 12:53:13 -0500
On Sat, Dec 18, 2010 at 11:58 AM, Maciej Gojny <vuln () ariko-security com> wrote:
hello full disclosure! After six months from the first contact with Adobe security team, Â important adobe.com subdomain is still vulnerable to SQL injection attacks. We hope that this time, serious people will try to solve the problem.
There's a reason Adobe is the most attacked software [1,2], and its probably because they write the most vulnerable software (or adversaries are looking for a challenge, which seems less intuitive and highly unlikely to me). It appears "insecurity" is an enterprise wide practice, and not just limited to their software. Jeff [1] "Adobe surpasses Microsoft as favorite hacker’s target" (Jul 2009) http://lastwatchdog.com/adobe-surpasses-microsoft-favorite-hackers-target/ [2] "Adobe predicted as top 2010 hacker target" (Dec 2009) http://www.theregister.co.uk/2009/12/29/security_predictions_2010/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- adobe.com important subdomain SQL injection again! Maciej Gojny (Dec 18)
- Re: adobe.com important subdomain SQL injection again! Jeffrey Walton (Dec 18)
- Re: adobe.com important subdomain SQL injection again! Victor Rigo (Dec 19)
- Re: adobe.com important subdomain SQL injection again! Javier Bassi (Dec 19)
- Re: adobe.com important subdomain SQL injection again! Jeffrey Walton (Dec 19)
- Re: adobe.com important subdomain SQL injection again! Pavel Kankovsky (Dec 19)
- Re: adobe.com important subdomain SQL injection again! Jeffrey Walton (Dec 19)
- Re: adobe.com important subdomain SQL injection again! Marsh Ray (Dec 19)
- Re: adobe.com important subdomain SQL injection again! Christian Sciberras (Dec 19)
- Re: adobe.com important subdomain SQL injection again! Victor Rigo (Dec 19)
- Re: adobe.com important subdomain SQL injection again! John Jester (Dec 20)
- Re: adobe.com important subdomain SQL injection again! Jeffrey Walton (Dec 23)
- Re: adobe.com important subdomain SQL injection again! Victor Rigo (Dec 19)
- Re: adobe.com important subdomain SQL injection again! Jeffrey Walton (Dec 18)