Adobe CS2, Illustartor...etc vulnerability patches
polycounter lvl 20
Just saw this over on HardOCP and thought I would post it along. here is the dish from Adobe's site:
[ QUOTE ]
Overview: Adobe has been made aware that the file and folder permissions for Photoshop CS2, Illustrator CS2, and Adobe Help Center can permit non-privileged users to change key program files. This condition presents a risk for shared, multi-user systems. Adobe is providing update utilities which correct these access permission issues and prevent manipulation of the program files by non-privileged users. Adobe recommends that customers using CS2 products on shared systems apply these updates.
Effect: If exploited, this vulnerability could allow a hostile user to replace these program files with malicious or harmful code that could read, write, or destroy sensitive data if subsequently run by a privileged user.
Details: The identified vulnerability allows non-privileged users permission to change key program files. This condition presents a risk for shared, multi-user systems. On such systems, a hostile user could take advantage of this condition to replace these program files with malicious or harmful code that could read, write, or destroy sensitive data if subsequently run by a privileged user.
Severity: Adobe categorizes this issue as an important issue and recommends that users patch their installations.
[/ QUOTE ]
You can read it and get the patch(es) here: http://www.adobe.com/support/techdocs/332644.html
[ QUOTE ]
Overview: Adobe has been made aware that the file and folder permissions for Photoshop CS2, Illustrator CS2, and Adobe Help Center can permit non-privileged users to change key program files. This condition presents a risk for shared, multi-user systems. Adobe is providing update utilities which correct these access permission issues and prevent manipulation of the program files by non-privileged users. Adobe recommends that customers using CS2 products on shared systems apply these updates.
Effect: If exploited, this vulnerability could allow a hostile user to replace these program files with malicious or harmful code that could read, write, or destroy sensitive data if subsequently run by a privileged user.
Details: The identified vulnerability allows non-privileged users permission to change key program files. This condition presents a risk for shared, multi-user systems. On such systems, a hostile user could take advantage of this condition to replace these program files with malicious or harmful code that could read, write, or destroy sensitive data if subsequently run by a privileged user.
Severity: Adobe categorizes this issue as an important issue and recommends that users patch their installations.
[/ QUOTE ]
You can read it and get the patch(es) here: http://www.adobe.com/support/techdocs/332644.html