| Vulnerability Name: | CVE-2005-4708 (CCN-20966) | ||||||||
| Assigned: | 2005-06-09 | ||||||||
| Published: | 2005-06-09 | ||||||||
| Updated: | 2018-10-19 | ||||||||
| Summary: | Adobe Macromedia MX 2004 products, Captivate, Contribute 2, Contribute 3, and eLicensing client install the Macromedia Licensing Service with the Users group permitted to configure the service, including the path to executable, which allows local users to execute arbitrary code as Local System. | ||||||||
| CVSS v3 Severity: | 9.3 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
| ||||||||
| CVSS v2 Severity: | 7.2 High (CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C)
| ||||||||
| Vulnerability Type: | CWE-Other | ||||||||
| Vulnerability Consequences: | Gain Privileges | ||||||||
| References: | Source: MITRE Type: CNA CVE-2005-4708 Source: CCN Type: SA15654 Macromedia Products Privilege Escalation Vulnerability Source: SECUNIA Type: UNKNOWN 15654 Source: CCN Type: SECTRACK ID: 1014158 Macromedia Contribute eLicensing Function Lets Local Users Gain Elevated Privileges Source: SECTRACK Type: UNKNOWN 1014158 Source: CCN Type: SECTRACK ID: 1014159 Macromedia Dreamweaver eLicensing Function Lets Local Users Gain Elevated Privileges Source: SECTRACK Type: UNKNOWN 1014159 Source: CCN Type: SECTRACK ID: 1014160 Macromedia Studio eLicensing Function Lets Local Users Gain Elevated Privileges Source: SECTRACK Type: UNKNOWN 1014160 Source: CCN Type: SECTRACK ID: 1014161 Macromedia Flash eLicensing Function Lets Local Users Gain Elevated Privileges Source: SECTRACK Type: UNKNOWN 1014161 Source: CCN Type: SECTRACK ID: 1014162 Macromedia Fireworks eLicensing Function Lets Local Users Gain Elevated Privileges Source: SECTRACK Type: UNKNOWN 1014162 Source: CCN Type: SECTRACK ID: 1014163 Macromedia Director eLicensing Function Lets Local Users Gain Elevated Privileges Source: SECTRACK Type: UNKNOWN 1014163 Source: CCN Type: SECTRACK ID: 1014164 Macromedia Contribute eLicensing Function Lets Local Users Gain Elevated Privileges Source: SECTRACK Type: UNKNOWN 1014164 Source: CCN Type: SECTRACK ID: 1014165 Macromedia Captivate eLicensing Function Lets Local Users Gain Elevated Privileges Source: SECTRACK Type: UNKNOWN 1014165 Source: CCN Type: SECTRACK ID: 1014166 Macromedia FreeHand eLicensing Function Lets Local Users Gain Elevated Privileges Source: SECTRACK Type: UNKNOWN 1014166 Source: MISC Type: UNKNOWN http://www.cs.princeton.edu/~sudhakar/papers/winval.pdf Source: CCN Type: US-CERT VU#953860 Microsoft Windows privilege escalation vulnerability Source: CERT-VN Type: US Government Resource VU#953860 Source: CCN Type: Macomedia Security Advisory MPSB05-04 Potential Security Risk with Macromedia eLicensing Client Activation Code Source: CONFIRM Type: Patch, Vendor Advisory http://www.macromedia.com/devnet/security/security_zone/mpsb05-04.html Source: OSVDB Type: UNKNOWN 17248 Source: CCN Type: OSVDB ID: 17248 Macromedia Multiple Products eLicensing Client Local Privilege Escalation Source: CCN Type: OSVDB ID: 22916 Macromedia Multiple Products Licensing Service Path Subversion Local Privilege Escalation Source: BUGTRAQ Type: UNKNOWN 20060131 Windows Access Control Demystified Source: BID Type: UNKNOWN 13925 Source: CCN Type: BID-13925 Macromedia eLicensing Client Activation Code Local Privilege Escalation Vulnerability Source: VUPEN Type: UNKNOWN ADV-2005-0723 Source: XF Type: UNKNOWN elicensing-config-code-execution(20966) | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||
| BACK | |||||||||