Vulnerability CVE-2007-1279
Published: 2007-04-11   Modified: 2012-02-12

Description:
Unspecified vulnerability in the installer for Adobe Bridge 1.0.3 update for Apple OS X, when patching with desktop management tools, allows local users to gain privileges via unspecified vectors during installation of the update by a different user who has administrative privileges.

Type:

CWE-noinfo

CVSS2 => (AV:L/AC:L/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.2/10
10/10
3.9/10
Exploit range
Attack complexity
Authentication
Local
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete
Affected software
Adobe -> Bridge 

 References:
http://www.adobe.com/support/security/bulletins/apsb07-09.html
http://xforce.iss.net/xforce/xfdb/33570
http://www.vupen.com/english/advisories/2007/1342
http://www.securitytracker.com/id?1017900
http://www.securityfocus.com/bid/23404
http://www.osvdb.org/34896
http://secunia.com/advisories/24854
Copyright 2024, cxsecurity.com

 

Back to Top