Adobe Creative Cloud vulnerabilities

CVE-2016-6935 [HIGH] CWE-428 CVE-2016-6935: Unquoted Windows search path vulnerability in Adobe Creative Cloud Desktop Application before 3.8.0. Unquoted Windows search path vulnerability in Adobe Creative Cloud Desktop Application before 3.8.0.310 on Windows allows local users to gain privileges via a Trojan horse executable file in the %SYSTEMDRIVE% directory.

CVE-2016-4158 [HIGH] CWE-264 CVE-2016-4158: Unquoted Windows search path vulnerability in Adobe Creative Cloud Desktop Application before 3.7.0. Unquoted Windows search path vulnerability in Adobe Creative Cloud Desktop Application before 3.7.0.272 on Windows allows local users to gain privileges via a Trojan horse executable file in the %SYSTEMDRIVE% directory.

CVE-2016-4157 [HIGH] CWE-264 CVE-2016-4157: Untrusted search path vulnerability in the installer in Adobe Creative Cloud Desktop Application bef Untrusted search path vulnerability in the installer in Adobe Creative Cloud Desktop Application before 3.7.0.272 on Windows allows local users to gain privileges via a Trojan horse resource in an unspecified directory.

CVE-2016-1034 [CRITICAL] CVE-2016-1034: The Sync Process in the JavaScript API for Creative Cloud Libraries in Adobe Creative Cloud Desktop The Sync Process in the JavaScript API for Creative Cloud Libraries in Adobe Creative Cloud Desktop Application before 3.6.0.244 allows remote attackers to read or write to arbitrary files via unspecified vectors.