CVE-2016-4157

CWE-2643 documents3 sources
Severity
7.3HIGH
EPSS
0.2%
top 62.82%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Adobe Creative Cloud
Timeline
PublishedJun 16
Latest updateMay 17

Description

Untrusted search path vulnerability in the installer in Adobe Creative Cloud Desktop Application before 3.7.0.272 on Windows allows local users to gain privileges via a Trojan horse resource in an unspecified directory.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:HExploitability: 1.3 | Impact: 5.9

Affected Packages1 packages

NVDadobe/creative_cloud3.6.0.248

🔴Vulnerability Details

2
GHSA
GHSA-cw7p-pj6q-fmg8: Untrusted search path vulnerability in the installer in Adobe Creative Cloud Desktop Application before 32022-05-17
CVEList
CVE-2016-4157: Untrusted search path vulnerability in the installer in Adobe Creative Cloud Desktop Application before 32016-06-16
CVE-2016-4157 (HIGH CVSS 7.3) | Untrusted search path vulnerability | cvebase.io