Описание
Adobe Photoshop Elements 8.0 installs the Adobe Active File Monitor V8 service with an insecure security descriptor, which allows local users to (1) stop the service via the stop command, (2) execute arbitrary commands as SYSTEM by using the config command to modify the binPath variable, or (3) restart the service via the start command.
Ссылки
- Broken Link
- Broken LinkExploit
- Broken Link
- Broken LinkThird Party AdvisoryVDB Entry
- Broken LinkExploitThird Party AdvisoryVDB Entry
- Broken LinkThird Party AdvisoryVDB Entry
- Permissions Required
- Broken Link
- Broken LinkExploit
- Broken Link
- Broken LinkThird Party AdvisoryVDB Entry
- Broken LinkExploitThird Party AdvisoryVDB Entry
- Broken LinkThird Party AdvisoryVDB Entry
- Permissions Required
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:adobe:photoshop_elements:8.0:*:*:*:*:*:*:*
EPSS
Процентиль: 46%
0.00231
Низкий
7.8 High
CVSS3
6.9 Medium
CVSS2
Дефекты
CWE-732
Связанные уязвимости
CVSS3: 7.8
github
почти 4 года назад
Adobe Photoshop Elements 8.0 installs the Adobe Active File Monitor V8 service with an insecure security descriptor, which allows local users to (1) stop the service via the stop command, (2) execute arbitrary commands as SYSTEM by using the config command to modify the binPath variable, or (3) restart the service via the start command.
EPSS
Процентиль: 46%
0.00231
Низкий
7.8 High
CVSS3
6.9 Medium
CVSS2
Дефекты
CWE-732