Photodex ProShow Producer Insecure File Permissions Local Privilege Escalation Vulnerability
BID:58591
Info
Photodex ProShow Producer Insecure File Permissions Local Privilege Escalation Vulnerability
| Bugtraq ID: | 58591 |
| Class: | Design Error |
| CVE: | |
| Remote: | No |
| Local: | Yes |
| Published: | Mar 19 2013 12:00AM |
| Updated: | Mar 19 2013 12:00AM |
| Credit: | Julien Ahrens of Inshell Security |
| Vulnerable: |
Photodex ProShow Producer 5.0.3256 Photodex ProShow Producer 5.0.3310 Photodex ProShow Producer 5.0.3297 Photodex ProShow Producer 4.5.2949 |
| Not Vulnerable: | |
Discussion
Photodex ProShow Producer Insecure File Permissions Local Privilege Escalation Vulnerability
Photodex ProShow Producer is prone to a local privilege-escalation vulnerability.
An attacker can exploit this issue to execute arbitrary code with SYSTEM privileges. Successfully exploiting this issue will result in the complete compromise of the system.
Photodex ProShow Producer 5.0.3310 and prior versions are vulnerable.
Photodex ProShow Producer is prone to a local privilege-escalation vulnerability.
An attacker can exploit this issue to execute arbitrary code with SYSTEM privileges. Successfully exploiting this issue will result in the complete compromise of the system.
Photodex ProShow Producer 5.0.3310 and prior versions are vulnerable.
Exploit / POC
Photodex ProShow Producer Insecure File Permissions Local Privilege Escalation Vulnerability
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
Photodex ProShow Producer Insecure File Permissions Local Privilege Escalation Vulnerability
Solution:
Currently, we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution:
Currently, we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
Photodex ProShow Producer Insecure File Permissions Local Privilege Escalation Vulnerability
References:
References:
- Photodex ProShow Producer Homepage (Photodex)
- Photodex ProShow Producer v5.0.3310 ScsiAccess Local Privilege Escalation ( Full Disclosure)
- [IA49] Photodex ProShow Producer ScsiAccess Local Privilege Escalation Vulnerabi (Julien Ahrens)