Vulnerabilities > CVE-2006-3452 - Local Privilege Escalation vulnerability in Adobe Acrobat / Adobe Reader
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Adobe Reader and Acrobat 6.0.4 and earlier, on Mac OSX, has insecure file and directory permissions, which allows local users to gain privileges by overwriting program files. This vulnerability only exists in multi-user environments. This vulnerability is addressed in the following product releases: Adobe, Acrobat Reader, 6.0.5 for Mac OSX Adobe, Acrobat, 6.0.5 for Mac OSX
Vulnerable Configurations
References
- http://secunia.com/advisories/21016
- http://securitytracker.com/id?1016473
- http://www.adobe.com/support/security/bulletins/apsb06-08.html
- http://www.osvdb.org/27157
- http://www.securityfocus.com/bid/18945
- http://www.vupen.com/english/advisories/2006/2758
- https://exchange.xforce.ibmcloud.com/vulnerabilities/27678