CVE-2004-2335
Summary
| CVE | CVE-2004-2335 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2004-12-31 05:00:00 UTC |
| Updated | 2017-07-11 01:31:00 UTC |
| Description | The Macromedia installers and e-licensing client on Mac OS X, as used for Macromedia Contribute 2, Director, Dreamweaver, Fireworks, Flash, and Studio, install the AuthenticationService setuid and writable by other users, which allows local users to gain privileges by modifying the program. |
Risk And Classification
Problem Types: NVD-CWE-Other
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Macromedia | Contribute | 2.0 | All | All | All |
| Application | Macromedia | Contribute | 2.0 | All | All | All |
| Application | Macromedia | Studio | 2004 | All | All | All |
| Application | Macromedia | Studio | 2004 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| IBM X-Force Exchange | XF | exchange.xforce.ibmcloud.com | |
| Secunia - Advisories - Macromedia Multiple Products Privilege Escalation Vulnerability | SECUNIA | secunia.com | |
| Macromedia Studio MX 2004 /Contribute 2 Local Privilege Escalation Vulnerability | BID | www.securityfocus.com | Patch |
| Macromedia - MPSB04-03 Potential Security Risk with Macromedia E-Licensing Client Activation Code | CONFIRM | www.macromedia.com | Patch, Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.