Adobe Bridge Update Installer Local Privilege Escalation Vulnerability
BID:23404
Info
Adobe Bridge Update Installer Local Privilege Escalation Vulnerability
| Bugtraq ID: | 23404 |
| Class: | Design Error |
| CVE: |
CVE-2007-1279 |
| Remote: | No |
| Local: | Yes |
| Published: | Apr 11 2007 12:00AM |
| Updated: | Mar 13 2008 01:41AM |
| Credit: | Jerry Case is credited with the discovery of this issue. |
| Vulnerable: |
Apple Mac OS X 10.4.9 Adobe Bridge Update 1.0.3 |
| Not Vulnerable: |
Adobe Bridge 1.0.4 |
Discussion
Adobe Bridge Update Installer Local Privilege Escalation Vulnerability
Adobe Bridge Update Installer is prone to a local privilege-escalation vulnerability. This issue stems from a flaw in the update installer that allows a nonadministrative user to gain administrative privileges.
Exploiting this issue allows local attackers to gain elevated privileges, potentially leading to a complete compromise of affected computers.
This issue affects the Bridge 1.0.3 update on the Mac OS.
Adobe Bridge Update Installer is prone to a local privilege-escalation vulnerability. This issue stems from a flaw in the update installer that allows a nonadministrative user to gain administrative privileges.
Exploiting this issue allows local attackers to gain elevated privileges, potentially leading to a complete compromise of affected computers.
This issue affects the Bridge 1.0.3 update on the Mac OS.
Exploit / POC
Adobe Bridge Update Installer Local Privilege Escalation Vulnerability
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
Adobe Bridge Update Installer Local Privilege Escalation Vulnerability
Solution:
The vendor has released fixes and instructions on how to address this issue. Please see the references for more information.
Adobe Bridge Update 1.0.3
Solution:
The vendor has released fixes and instructions on how to address this issue. Please see the references for more information.
Adobe Bridge Update 1.0.3
-
Adobe Adobe Bridge Update 1.0.3 New
http://www.adobe.com/support/downloads/thankyou.jsp?ftpID=3125&fileID= 3392
References
Adobe Bridge Update Installer Local Privilege Escalation Vulnerability
References:
References: