CVE-2005-4708

3 documents3 sources

Severity

7.2HIGH

EPSS

0.2%

top 62.23%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Adobe Contribute Adobe Dreamweaver Adobe Fireworks +2 more

Timeline

PublishedDec 31

Latest updateMay 1

Description

Adobe Macromedia MX 2004 products, Captivate, Contribute 2, Contribute 3, and eLicensing client install the Macromedia Licensing Service with the Users group permitted to configure the service, including the path to executable, which allows local users to execute arbitrary code as Local System.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages5 packages

▶NVDadobe/contribute2, 3+1

▶NVDadobe/studiomx

▶NVDadobe/freehandmx

▶NVDadobe/fireworks9.0

▶NVDadobe/dreamweaver9.0

Patches

Patch: www.macromedia.com ↗Patch: www.macromedia.com ↗

🔴Vulnerability Details

GHSA

GHSA-54pm-xxpg-8wgg: Adobe Macromedia MX 2004 products, Captivate, Contribute 2, Contribute 3, and eLicensing client install the Macromedia Licensing Service with the User↗2022-05-01

▶

CVEList

CVE-2005-4708: Adobe Macromedia MX 2004 products, Captivate, Contribute 2, Contribute 3, and eLicensing client install the Macromedia Licensing Service with the User↗2006-02-02

▶