Vulnerabilities > CVE-2005-4708 - Local Privilege Escalation vulnerability in Macromedia eLicensing Client Activation Code
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Adobe Macromedia MX 2004 products, Captivate, Contribute 2, Contribute 3, and eLicensing client install the Macromedia Licensing Service with the Users group permitted to configure the service, including the path to executable, which allows local users to execute arbitrary code as Local System.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 11 |
References
- http://secunia.com/advisories/15654
- http://securitytracker.com/id?1014158
- http://securitytracker.com/id?1014159
- http://securitytracker.com/id?1014160
- http://securitytracker.com/id?1014161
- http://securitytracker.com/id?1014162
- http://securitytracker.com/id?1014163
- http://securitytracker.com/id?1014164
- http://securitytracker.com/id?1014165
- http://securitytracker.com/id?1014166
- http://www.cs.princeton.edu/~sudhakar/papers/winval.pdf
- http://www.kb.cert.org/vuls/id/953860
- http://www.macromedia.com/devnet/security/security_zone/mpsb05-04.html
- http://www.osvdb.org/17248
- http://www.securityfocus.com/archive/1/423587/100/0/threaded
- http://www.securityfocus.com/bid/13925
- http://www.vupen.com/english/advisories/2005/0723