{"api_version":"1","generated_at":"2026-04-23T11:33:29+00:00","cve":"CVE-2004-2335","urls":{"html":"https://cve.report/CVE-2004-2335","api":"https://cve.report/api/cve/CVE-2004-2335.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2004-2335","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2004-2335"},"summary":{"title":"CVE-2004-2335","description":"The Macromedia installers and e-licensing client on Mac OS X, as used for Macromedia Contribute 2, Director, Dreamweaver, Fireworks, Flash, and Studio, install the AuthenticationService setuid and writable by other users, which allows local users to gain privileges by modifying the program.","state":"PUBLISHED","assigner":"mitre","published_at":"2004-12-31 05:00:00","updated_at":"2025-04-03 01:03:51"},"problem_types":["NVD-CWE-Other","n/a"],"metrics":[{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"7.2","severity":"","vector":"AV:L/AC:L/Au:N/C:C/I:C/A:C","data":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:C/I:C/A:C","baseScore":7.2,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"}}],"references":[{"url":"http://secunia.com/advisories/11123","name":"http://secunia.com/advisories/11123","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Secunia - Advisories - Macromedia Multiple Products Privilege Escalation Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.macromedia.com/devnet/security/security_zone/mpsb04-03.html","name":"http://www.macromedia.com/devnet/security/security_zone/mpsb04-03.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"],"title":"Macromedia - MPSB04-03 Potential Security Risk with Macromedia E-Licensing Client Activation Code","mime":"text/xml","httpstatus":"200","archivestatus":"200"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/15465","name":"https://exchange.xforce.ibmcloud.com/vulnerabilities/15465","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"IBM X-Force Exchange","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/bid/9862","name":"http://www.securityfocus.com/bid/9862","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"],"title":"Macromedia Studio MX 2004 /Contribute 2 Local Privilege Escalation Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2004-2335","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2004-2335","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2004","cve_id":"2335","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"macromedia","cpe5":"contribute","cpe6":"2.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2004","cve_id":"2335","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"macromedia","cpe5":"studio","cpe6":"2004","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-08T01:22:13.628Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"name":"9862","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/9862"},{"name":"elicensing-gain-privileges(15465)","tags":["vdb-entry","x_refsource_XF","x_transferred"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/15465"},{"name":"11123","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/11123"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://www.macromedia.com/devnet/security/security_zone/mpsb04-03.html"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2004-03-12T00:00:00.000Z","descriptions":[{"lang":"en","value":"The Macromedia installers and e-licensing client on Mac OS X, as used for Macromedia Contribute 2, Director, Dreamweaver, Fireworks, Flash, and Studio, install the AuthenticationService setuid and writable by other users, which allows local users to gain privileges by modifying the program."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2017-07-10T14:57:01.000Z","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"references":[{"name":"9862","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/9862"},{"name":"elicensing-gain-privileges(15465)","tags":["vdb-entry","x_refsource_XF"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/15465"},{"name":"11123","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/11123"},{"tags":["x_refsource_CONFIRM"],"url":"http://www.macromedia.com/devnet/security/security_zone/mpsb04-03.html"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2004-2335","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"The Macromedia installers and e-licensing client on Mac OS X, as used for Macromedia Contribute 2, Director, Dreamweaver, Fireworks, Flash, and Studio, install the AuthenticationService setuid and writable by other users, which allows local users to gain privileges by modifying the program."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"9862","refsource":"BID","url":"http://www.securityfocus.com/bid/9862"},{"name":"elicensing-gain-privileges(15465)","refsource":"XF","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/15465"},{"name":"11123","refsource":"SECUNIA","url":"http://secunia.com/advisories/11123"},{"name":"http://www.macromedia.com/devnet/security/security_zone/mpsb04-03.html","refsource":"CONFIRM","url":"http://www.macromedia.com/devnet/security/security_zone/mpsb04-03.html"}]}}}},"cveMetadata":{"assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","cveId":"CVE-2004-2335","datePublished":"2005-08-16T04:00:00.000Z","dateReserved":"2005-08-16T00:00:00.000Z","dateUpdated":"2024-08-08T01:22:13.628Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2004-12-31 05:00:00","lastModifiedDate":"2025-04-03 01:03:51","problem_types":["NVD-CWE-Other","n/a"],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:C/I:C/A:C","baseScore":7.2,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":3.9,"impactScore":10,"acInsufInfo":false,"obtainAllPrivilege":true,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:macromedia:contribute:2.0:*:*:*:*:*:*:*","matchCriteriaId":"B8E7D7C2-9393-445E-BD3B-22357D23E25C"},{"vulnerable":true,"criteria":"cpe:2.3:a:macromedia:studio:2004:*:*:*:*:*:*:*","matchCriteriaId":"D230930C-5055-4209-999A-3B1C8029F9F7"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2004","CveId":"2335","Ordinal":"1","Title":"CVE-2004-2335","CVE":"CVE-2004-2335","Year":"2004"},"notes":[{"CveYear":"2004","CveId":"2335","Ordinal":"1","NoteData":"The Macromedia installers and e-licensing client on Mac OS X, as used for Macromedia Contribute 2, Director, Dreamweaver, Fireworks, Flash, and Studio, install the AuthenticationService setuid and writable by other users, which allows local users to gain privileges by modifying the program.","Type":"Description","Title":"CVE-2004-2335"},{"CveYear":"2004","CveId":"2335","Ordinal":"2","NoteData":"2005-08-16","Type":"Other","Title":"Published"},{"CveYear":"2004","CveId":"2335","Ordinal":"3","NoteData":"2017-07-10","Type":"Other","Title":"Modified"}]}}}