Adobe Creative Cloud CVE-2017-3006 Local Security Bypass Vulnerability

Adobe Creative Cloud is prone to a local security-bypass vulnerability.

An attacker may exploit this issue to bypass certain security restrictions and perform unauthorized actions.

Adobe Creative Cloud 3.9.5.353 and prior are vulnerable.

Information

Bugtraq ID: 97555
Class: Design Error
CVE: CVE-2017-3006

Remote: No
Local: Yes
Published: Apr 11 2017 12:00AM
Updated: Apr 13 2017 01:03AM
Credit: John Page a.k.a. hyp3rlinx
Vulnerable: Adobe Creative Cloud 3.9.5.353
Adobe Creative Cloud 3.8.0.310
Adobe Creative Cloud 3.7.0.272
Adobe Creative Cloud 3.6.0.248
Adobe Creative Cloud 3.6.0.244
Adobe Creative Cloud 3.5.1.209

Not Vulnerable: Adobe Creative Cloud 4.0.0.185

References:

Adobe Homepage (Adobe)
Creative Cloud Product Page (Adobe)
APSB17-13: Security update available for the Creative Cloud Desktop Application (Adobe)

Source: www.securityfocus.com

Exploit Collector

Search Exploit

Adobe Creative Cloud CVE-2017-3006 Local Security Bypass Vulnerability

Information