PT-2010-4598 · Adobe · Incopy Cs5+3
Glafkos Charalambous
·
Published
2010-08-27
·
Updated
2018-10-10
·
CVE-2010-3153
CVSS v2.0
9.3
High
| Vector | AV:N/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Adobe InDesign CS4 version 6.0
Adobe InDesign CS5 versions 7.0.2 and earlier
Adobe InDesign Server CS5 versions 7.0.2 and earlier
Adobe InCopy CS5 versions 7.0.2 and earlier
Description
The issue allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks. This is achieved via a Trojan horse
ibfs32.dll located in the same folder as certain file types, including .indl, .indp, .indt, or .inx files.Recommendations
For Adobe InDesign CS4 version 6.0, update to a version later than 6.0.
For Adobe InDesign CS5 versions 7.0.2 and earlier, update to a version later than 7.0.2.
For Adobe InDesign Server CS5 versions 7.0.2 and earlier, update to a version later than 7.0.2.
For Adobe InCopy CS5 versions 7.0.2 and earlier, update to a version later than 7.0.2.
Exploit
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Incopy Cs5
Indesign Cs4
Indesign Cs5
Indesign Server Cs5