DATABASE RESOURCES PRICING ABOUT US

{"id": "SECURITYVULNS:DOC:11294", "bulletinFamily": "software", "title": "[SA18698] Adobe Products Insecure Default File Permissions", "description": "\r\nTITLE:\r\nAdobe Products Insecure Default File Permissions\r\n\r\nSECUNIA ADVISORY ID:\r\nSA18698\r\n\r\nVERIFY ADVISORY:\r\nhttp://secunia.com/advisories/18698/\r\n\r\nCRITICAL:\r\nLess critical\r\n\r\nIMPACT:\r\nSecurity Bypass, Manipulation of data, Privilege escalation\r\n\r\nWHERE:\r\nLocal system\r\n\r\nSOFTWARE:\r\nAdobe Photoshop CS2\r\nhttp://secunia.com/product/6151/\r\nAdobe Illustrator CS2\r\nhttp://secunia.com/product/7061/\r\nAdobe Creative Suite 2 Standard\r\nhttp://secunia.com/product/7390/\r\nAdobe Creative Suite 2 Premium\r\nhttp://secunia.com/product/7389/\r\n\r\nDESCRIPTION:\r\nA security issue has been reported in some Adobe products, which can\r\nbe exploited by malicious, local users to bypass certain security\r\nrestrictions or gain escalated privileges.\r\n\r\nThe security issue is caused due to insecure default file permissions\r\nbeing set on the installed files and folders. This allows any\r\nnon-privileged users on the system to remove the files or replace\r\nthem with malicious binaries.\r\n\r\nThe security issue has been reported in the following products:\r\n* Adobe Creative Suite 2\r\n* Adobe Photoshop CS2\r\n* Adobe Illustrator CS2\r\n\r\nSOLUTION:\r\nApply AdobeSecurityPatcher.\r\n\r\nAdobe Illustrator CS2 (Windows):\r\nhttp://www.adobe.com/support/downloads/detail.jsp?ftpID=3308\r\n\r\nAdobe Illustrator CS2 (Mac OS): \r\nhttp://www.adobe.com/support/downloads/detail.jsp?ftpID=3307\r\n\r\nAdobe Photoshop CS2 (Windows):\r\nhttp://www.adobe.com/support/downloads/detail.jsp?ftpID=3306\r\n\r\nAdobe Photoshop CS2 (Mac OS):\r\nhttp://www.adobe.com/support/downloads/detail.jsp?ftpID=3305\r\n\r\nAdobe Creative Suite 2 Premium (Windows):\r\nhttp://www.adobe.com/support/downloads/detail.jsp?ftpID=3304\r\n\r\nAdobe Creative Suite 2 Premium (Mac OS):\r\nhttp://www.adobe.com/support/downloads/detail.jsp?ftpID=3303\r\n\r\nAdobe Creative Suite 2 Standard (Windows): \r\nhttp://www.adobe.com/support/downloads/detail.jsp?ftpID=3230\r\n\r\nAdobe Creative Suite 2 Standard (Mac OS):\r\nhttp://www.adobe.com/support/downloads/detail.jsp?ftpID=3223\r\n\r\nPROVIDED AND/OR DISCOVERED BY:\r\nThe vendor credits Sudhakar Govindavajhala and Andrew Appel of\r\nPrinceton University.\r\n\r\nORIGINAL ADVISORY:\r\nAdobe:\r\nhttp://www.adobe.com/support/techdocs/332644.html\r\n\r\n----------------------------------------------------------------------\r\n\r\nAbout:\r\nThis Advisory was delivered by Secunia as a free service to help\r\neverybody keeping their systems up to date against the latest\r\nvulnerabilities.\r\n\r\nSubscribe:\r\nhttp://secunia.com/secunia_security_advisories/\r\n\r\nDefinitions: (Criticality, Where etc.)\r\nhttp://secunia.com/about_secunia_advisories/\r\n\r\n\r\nPlease Note:\r\nSecunia recommends that you verify all advisories you receive by\r\nclicking the link.\r\nSecunia NEVER sends attached files with advisories.\r\nSecunia does not advise people to install third party patches, only\r\nuse those supplied by the vendor.\r\n", "published": "2006-02-03T00:00:00", "modified": "2006-02-03T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:11294", "reporter": "Securityvulns", "references": [], "cvelist": [], "type": "securityvulns", "lastseen": "2018-08-31T11:10:15", "edition": 1, "viewCount": 3, "enchantments": {"score": {"value": 1.6, "vector": "NONE"}, "dependencies": {"references": [{"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:5733"]}], "rev": 4}, "backreferences": {"references": [{"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:5733"]}]}, "exploitation": null, "vulnersScore": 1.6}, "affectedSoftware": [], "immutableFields": [], "cvss2": {}, "cvss3": {}, "_state": {"dependencies": 1645406150}}

{}