CVE-2009-3489

Name of the Vulnerable Software and Affected Versions Adobe Photoshop Elements version 8.0

Description The issue allows local users to stop the service, execute arbitrary commands as SYSTEM by modifying the binPath variable using the config command, or restart the service. This is due to an insecure security descriptor in the Adobe Active File Monitor V8 service installed by Adobe Photoshop Elements.

Recommendations For Adobe Photoshop Elements version 8.0, consider restricting access to the service to prevent unauthorized modifications, and avoid using the config command to modify the binPath variable until a fix is available. As a temporary workaround, consider disabling the Adobe Active File Monitor V8 service until a patch is available.