Adobe Download Manager is prone to an insecure file-permission vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions with elevated privileges; this may aid in launching further attacks. Adobe Download Manager 2.0.0.363 is vulnerable.
Permit local access for trusted individuals only. Where possible, use restricted environments and restricted shells.
Permit local interactive access to known and trusted individuals only. Use of restricted environments such as chroot and jail may also limit exposure to this and other latent vulnerabilities.
Run all software as a nonprivileged user with minimal access rights.
To reduce the impact of latent vulnerabilities, always run nonadministrative software as an unprivileged user with minimal access rights.
Updates are available. Please see the references or vendor advisory for more information.
CPE | Name | Operator | Version |
---|---|---|---|
adobe download manager | eq | 2.0.0.363 |