Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Creative Cloud Desktop installer Uncontrolled Search Path element could lead to arbitrary code execution
Vulnerability Description
Adobe Creative Cloud Desktop Application (installer) version 2.4 (and earlier) is affected by an Uncontrolled Search Path Element vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Vulnerability Type
对搜索路径元素未加控制
Vulnerability Title
Creative Cloud Desktop Application 代码问题漏洞
Vulnerability Description
Adobe Creative Cloud Desktop Application是美国奥多比(Adobe)公司的一套用于在Creative云会员管理中心管理应用程序和服务的应用程序。该程序支持同步和共享文件、管理字体以及访问商业摄影和设计的资产库。 Creative Cloud Desktop Application 存在代码问题漏洞,该漏洞源于程序的安装程序以不安全的方式加载DLL库,远程攻击者可利用该漏洞在远程SMB fileshare上放置一个专门制作的.dll文件,欺骗受害者从该目录启动安装文件,
CVSS Information
N/A
Vulnerability Type
N/A