Vulnerability CVE-2005-4708


Published: 2005-12-31   Modified: 2012-02-12

Description:
Adobe Macromedia MX 2004 products, Captivate, Contribute 2, Contribute 3, and eLicensing client install the Macromedia Licensing Service with the Users group permitted to configure the service, including the path to executable, which allows local users to execute arbitrary code as Local System.

Type:

CWE-Other

Vendor: Adobe
Product: Studio 
Version: mx;
Product: Freehand 
Version: mx;
Product: Dreamweaver 
Version: 9.0;
Product: Fireworks 
Version: 9.0;
Product: Contribute 
Version: 3; 2;
Product: Elicensing 
Product: Captivate 
Product: Flash player 
Product: Director 

CVSS2 => (AV:L/AC:L/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.2/10
10/10
3.9/10
Exploit range
Attack complexity
Authentication
Local
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete

 References:
http://securitytracker.com/id?1014158
http://securitytracker.com/id?1014159
http://securitytracker.com/id?1014160
http://securitytracker.com/id?1014161
http://securitytracker.com/id?1014162
http://securitytracker.com/id?1014163
http://securitytracker.com/id?1014164
http://securitytracker.com/id?1014165
http://securitytracker.com/id?1014166
http://www.cs.princeton.edu/~sudhakar/papers/winval.pdf
http://www.kb.cert.org/vuls/id/953860
http://www.macromedia.com/devnet/security/security_zone/mpsb05-04.html
http://www.securityfocus.com/archive/1/423587/100/0/threaded
http://www.securityfocus.com/bid/13925
http://www.vupen.com/english/advisories/2005/0723

Related CVE
CVE-2019-8106
Adobe Acrobat and Reader versions, 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2017.011.30142 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an out-of-b...
CVE-2019-8105
Adobe Acrobat and Reader versions, 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2017.011.30142 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an out-of-b...
CVE-2019-8104
Adobe Acrobat and Reader versions, 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2017.011.30142 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an out-of-b...
CVE-2019-8103
Adobe Acrobat and Reader versions, 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2017.011.30142 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an out-of-b...
CVE-2019-8102
Adobe Acrobat and Reader versions, 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2017.011.30142 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an out-of-b...
CVE-2019-8101
Adobe Acrobat and Reader versions , 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2017.011.30142 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an integer...
CVE-2019-8100
Adobe Acrobat and Reader versions, 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2017.011.30142 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an out-of-b...
CVE-2019-8099
Adobe Acrobat and Reader versions , 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2017.011.30142 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an integer...

Copyright 2019, cxsecurity.com

 

Back to Top