Oval Definition:oval:org.opensuse.security:def:20092564
Revision Date:2015-11-16Version:1
Title:CVE-2009-2564
Description:
NOS Microsystems getPlus Download Manager, as used in Adobe Reader 1.6.2.36 and possibly other versions, Corel getPlus Download Manager before 1.5.0.48, and possibly other products, installs NOS\bin\getPlus_HelperSvc.exe with insecure permissions (Everyone:Full Control), which allows local users to gain SYSTEM privileges by replacing getPlus_HelperSvc.exe with a Trojan horse program, as demonstrated by use of getPlus Download Manager within Adobe Reader. NOTE: within Adobe Reader, the scope of this issue is limited because the program is deleted and the associated service is not automatically launched after a successful installation and reboot.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2009-2564
Platform(s):openSUSE 11.0
openSUSE 11.1
SUSE Linux Enterprise 11 Moblin 2.0
SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T
SUSE Linux Enterprise Desktop 10 SP3 for x86
SUSE Linux Enterprise Desktop 11 GA
Product(s):
Definition Synopsis
  • Release Information
  • suse110 is installed
  • AND acroread less than 8.1.7-0.1
  • OR
  • suse111 is installed
  • AND acroread less than 8.1.7-0.1.1
  • OR Package Information
  • sled10-sp3 is installed
  • AND acroread less than 8.1.7-0.5.1
  • OR Package Information
  • sled10-sp3 is installed
  • AND acroread_ja less than 8.1.7-0.5.1
  • OR Package Information
  • sled11 is installed
  • AND acroread_ja less than 8.1.7-0.1.1
  • OR Package Information
  • sled11 is installed
  • AND acroread less than 8.1.7-0.1.1
  • OR Package Information
  • sle11-moblin20 is installed
  • AND acroread less than 8.1.7-0.1.1
  • BACK