CVE-2018-5003

CWE-4263 documents3 sources
Severity
7.8HIGH
EPSS
1.4%
top 19.86%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Adobe Creative Cloud
Timeline
PublishedAug 29
Latest updateMay 14

Description

Adobe Creative Cloud Desktop Application before 4.5.5.342 (installer) has an insecure library loading (dll hijacking) vulnerability. Successful exploitation could lead to privilege escalation.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages2 packages

CVEListV5adobe_creative_cloud_desktop_application_before_4.5.5.342Adobe Creative Cloud Desktop Application before 4.5.5.342
NVDadobe/creative_cloud< 4.5.5.342

🔴Vulnerability Details

2
GHSA
GHSA-wqqg-9w32-87v5: Adobe Creative Cloud Desktop Application before 42022-05-14
CVEList
CVE-2018-5003: Adobe Creative Cloud Desktop Application before 42018-08-29
CVE-2018-5003 (HIGH CVSS 7.8) | Adobe Creative Cloud Desktop Applic | cvebase.io