CVE-2016-1034

4 documents4 sources
Severity
9.1CRITICAL
EPSS
1.5%
top 19.06%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Adobe Creative Cloud
Timeline
PublishedApr 12
Latest updateMay 17

Description

The Sync Process in the JavaScript API for Creative Cloud Libraries in Adobe Creative Cloud Desktop Application before 3.6.0.244 allows remote attackers to read or write to arbitrary files via unspecified vectors.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:NExploitability: 3.9 | Impact: 5.2

Affected Packages1 packages

NVDadobe/creative_cloud3.5.1.209

🔴Vulnerability Details

2
GHSA
GHSA-wvgc-w834-7jxx: The Sync Process in the JavaScript API for Creative Cloud Libraries in Adobe Creative Cloud Desktop Application before 32022-05-17
CVEList
CVE-2016-1034: The Sync Process in the JavaScript API for Creative Cloud Libraries in Adobe Creative Cloud Desktop Application before 32016-04-12

💬Community

1
Bugzilla
CVE-2016-3697 docker: privilege escalation via confusion of usernames and UIDs2016-04-22
CVE-2016-1034 (CRITICAL CVSS 9.1) | The Sync Process in the JavaScript | cvebase.io