CVE-2006-0525

Description

Multiple Adobe products, including (1) Photoshop CS2, (2) Illustrator CS2, and (3) Adobe Help Center, install a large number of .EXE and .DLL files with write-access permission for the Everyone group, which allows local users to gain privileges via Trojan horse programs.

Affected products

• Adobe / acrobat3.0 – 3.0
• Adobe / acrobat3.1 – 3.1
• Adobe / acrobat4.0 – 4.0
• Adobe / acrobat4.0.5 – 4.0.5
• Adobe / acrobat4.0.5a – 4.0.5a
• Adobe / acrobat4.0.5c – 4.0.5c
• Adobe / acrobat5.0 – 5.0
• Adobe / acrobat5.0.5 – 5.0.5
• Adobe / acrobat5.0.10 – 5.0.10
• Adobe / acrobat6.0 – 6.0
• Adobe / acrobat6.0.1 – 6.0.1
• Adobe / acrobat6.0.2 – 6.0.2
• Adobe / acrobat6.0.3 – 6.0.3
• Adobe / acrobat6.0.4 – 6.0.4
• Adobe / acrobat7.0 – 7.0
• Adobe / acrobat7.0.1 – 7.0.1
• Adobe / acrobat7.0.2 – 7.0.2
• Adobe / acrobat7.0.3 – 7.0.3
• Adobe / Acrobat Reader3.0 – 3.0
• Adobe / Acrobat Reader4.0 – 4.0
• Adobe / Acrobat Reader4.0.5 – 4.0.5
• Adobe / Acrobat Reader4.0.5a – 4.0.5a
• Adobe / Acrobat Reader4.0.5c – 4.0.5c
• Adobe / Acrobat Reader4.5 – 4.5
• Adobe / Acrobat Reader5.0 – 5.0
• Adobe / Acrobat Reader5.0.5 – 5.0.5
• Adobe / Acrobat Reader5.0.10 – 5.0.10
• Adobe / Acrobat Reader5.1 – 5.1
• Adobe / Acrobat Reader6.0 – 6.0
• Adobe / Acrobat Reader6.0.1 – 6.0.1
• Adobe / Acrobat Reader6.0.2 – 6.0.2
• Adobe / Acrobat Reader6.0.3 – 6.0.3
• Adobe / Acrobat Reader6.0.4 – 6.0.4
• Adobe / Acrobat Reader7.0 – 7.0
• Adobe / Acrobat Reader7.0.1 – 7.0.1
• Adobe / Acrobat Reader7.0.2 – 7.0.2
• Adobe / Acrobat Reader7.0.3 – 7.0.3
• Adobe / creative_suite1.0 – 1.0
• Adobe / creative_suite1.3 – 1.3
• Adobe / creative_suite2.0 – 2.0
• Adobe / Illustrator7.0 – 7.0
• Adobe / Illustrator8.0 – 8.0
• Adobe / Illustrator9.0 – 9.0
• Adobe / Illustrator10.0 – 10.0
• Adobe / Illustratorcs – cs
• Adobe / Illustratorcs3 – cs3
• Adobe / InDesigncs – cs
• Adobe / InDesigncs3 – cs3
• Adobe / pagemaker6.5 – 6.5
• Adobe / pagemaker6.5 – 6.5
• Adobe / pagemaker7.0 – 7.0
• Adobe / pagemaker7.0 – 7.0
• Adobe / Photoshop7.0 – 7.0
• Adobe / Photoshop8.0 – 8.0
• Adobe / Photoshop9.0.2 – 9.0.2
• Adobe / Photoshople – le
• Adobe / Premiere1.5 – 1.5
• Adobe / version_cue1.0 – 1.0
• Adobe / version_cue1.0.1 – 1.0.1
• Adobe / version_cuegold – gold

References

• VENDOR_ADVISORYhttp://www.adobe.com/support/techdocs/332644.html
• MISChttp://www.securityfocus.com/bid/16451
• MISChttp://securitytracker.com/id?1015577
• MISChttp://securitytracker.com/id?1015579
• MISChttp://www.securityfocus.com/archive/1/423587/100/0/threaded
• MISChttp://www.kb.cert.org/vuls/id/953860
• VENDOR_ADVISORYhttp://secunia.com/advisories/18698
• MISChttp://www.cs.princeton.edu/~sudhakar/papers/winval.pdf
• MISChttp://securitytracker.com/id?1015578
• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/24464
• VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2006/0431
• MISChttp://www.osvdb.org/22908