Overview
- Description
- The Macromedia installers and e-licensing client on Mac OS X, as used for Macromedia Contribute 2, Director, Dreamweaver, Fireworks, Flash, and Studio, install the AuthenticationService setuid and writable by other users, which allows local users to gain privileges by modifying the program.
- Source
- cve@mitre.org
- NVD status
- Modified
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 7.2
- Impact score
- 10
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:macromedia:contribute:2.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B8E7D7C2-9393-445E-BD3B-22357D23E25C"
},
{
"criteria": "cpe:2.3:a:macromedia:studio:2004:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D230930C-5055-4209-999A-3B1C8029F9F7"
}
],
"operator": "OR"
}
]
}
]