Multiple Adobe products, including (1) Photoshop CS2, (2) Illustrator CS2, and (3) Adobe Help Center, install a large number of .EXE and .DLL files with write-access permission for the Everyone group, which allows local users to gain privileges via Trojan horse programs.
Weaknesses in this category are related to the management of permissions, privileges, and other security features that are used to perform access control.
| Link | Tags |
|---|---|
| http://www.adobe.com/support/techdocs/332644.html | |
| http://www.securityfocus.com/bid/16451 | vdb entry |
| http://securitytracker.com/id?1015577 | vdb entry |
| http://securitytracker.com/id?1015579 | vdb entry |
| http://www.securityfocus.com/archive/1/423587/100/0/threaded | mailing list |
| http://www.kb.cert.org/vuls/id/953860 | third party advisory us government resource |
| http://secunia.com/advisories/18698 | third party advisory vendor advisory |
| http://www.cs.princeton.edu/~sudhakar/papers/winval.pdf | |
| http://securitytracker.com/id?1015578 | vdb entry |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/24464 | vdb entry |
| http://www.vupen.com/english/advisories/2006/0431 | vdb entry vendor advisory |
| http://www.osvdb.org/22908 | vdb entry |