PT-2016-5854 · Adobe · Adobe Creative Cloud Desktop Application

Publicado

2016-06-16

·

Atualizado

2016-06-20

·

CVE-2016-4158

CVSS v3.1

7.3

Alta

VetorAV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Adobe Creative Cloud Desktop Application versions prior to 3.7.0.272
Description The issue allows local users to gain privileges via a Trojan horse executable file in the %SYSTEMDRIVE% directory due to an unquoted Windows search path vulnerability.
Recommendations For versions prior to 3.7.0.272, update to version 3.7.0.272 or later to resolve the issue.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-264

Identificadores relacionados

CVE-2016-4158

Produtos afetados

Adobe Creative Cloud Desktop Application