PT-2010-4598 · Adobe · Incopy Cs5+3
Glafkos Charalambous
·
Publicado
2010-08-27
·
Atualizado
2018-10-10
·
CVE-2010-3153
CVSS v2.0
9.3
Alta
| Vetor | AV:N/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Adobe InDesign CS4 version 6.0
Adobe InDesign CS5 versions 7.0.2 and earlier
Adobe InDesign Server CS5 versions 7.0.2 and earlier
Adobe InCopy CS5 versions 7.0.2 and earlier
Description
The issue allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks. This is achieved via a Trojan horse
ibfs32.dll located in the same folder as certain file types, including .indl, .indp, .indt, or .inx files.Recommendations
For Adobe InDesign CS4 version 6.0, update to a version later than 6.0.
For Adobe InDesign CS5 versions 7.0.2 and earlier, update to a version later than 7.0.2.
For Adobe InDesign Server CS5 versions 7.0.2 and earlier, update to a version later than 7.0.2.
For Adobe InCopy CS5 versions 7.0.2 and earlier, update to a version later than 7.0.2.
Exploit
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Incopy Cs5
Indesign Cs4
Indesign Cs5
Indesign Server Cs5