CVE-2009-2564

Name of the Vulnerable Software and Affected Versions getPlus Download Manager versions prior to 1.5.0.48 Adobe Reader version 1.6.2.36

Description The issue allows local users to gain SYSTEM privileges by replacing getPlus HelperSvc.exe with a Trojan horse program due to insecure permissions (Everyone:Full Control) set by the getPlus Download Manager. This is demonstrated by the use of getPlus Download Manager within Adobe Reader. However, within Adobe Reader, the scope of this issue is limited because the program is deleted and the associated service is not automatically launched after a successful installation and reboot.

Recommendations For getPlus Download Manager versions prior to 1.5.0.48, update to version 1.5.0.48 or later to resolve the issue. For Adobe Reader version 1.6.2.36, consider removing or restricting access to the getPlus Download Manager to minimize the risk of exploitation until a patch is available.