CVE-2006-0525

CWE-2644 documents4 sources
Severity
4.6MEDIUM
EPSS
0.2%
top 56.04%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
9
Adobe AcrobatAdobe Acrobat ReaderAdobe Creative Suite+6 more
Timeline
PublishedFeb 2
Latest updateMay 1

Description

Multiple Adobe products, including (1) Photoshop CS2, (2) Illustrator CS2, and (3) Adobe Help Center, install a large number of .EXE and .DLL files with write-access permission for the Everyone group, which allows local users to gain privileges via Trojan horse programs.

CVSS vector

AV:L/AC:L/C:P/I:P/A:PExploitability: 3.9 | Impact: 6.4

Affected Packages9 packages

NVDadobe/photoshop4 versions+3
NVDadobe/illustrator6 versions+5
NVDadobe/acrobat18 versions+17
NVDadobe/indesigncs, cs3+1

🔴Vulnerability Details

2
GHSA
GHSA-f8mf-jghc-2hh5: Multiple Adobe products, including (1) Photoshop CS2, (2) Illustrator CS2, and (3) Adobe Help Center, install a large number of2022-05-01
CVEList
CVE-2006-0525: Multiple Adobe products, including (1) Photoshop CS2, (2) Illustrator CS2, and (3) Adobe Help Center, install a large number of2006-02-02

💬Community

1
Bugzilla
CVE-2006-2224 Quagga RIPd route injection2006-05-08
CVE-2006-0525 (MEDIUM CVSS 4.6) | Multiple Adobe products | cvebase.io