Macromedia Security Bulletin MPSB05-04

Discussion in 'other security issues & news' started by NICK ADSL UK, Jun 10, 2005.

Thread Status:
Not open for further replies.
  1. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,505
    Location:
    UK
    Post courtesy of Donna Buenaventura [Microsoft MVP]
    Potential Security Risk with Macromedia eLicensing Client Activation Code

    Summary

    Windows versions of the Macromedia installers and eLicensing client install a service with permissions that allow any member of the "Users" group to modify the service settings. This may allow local users to obtain the permissions of the "Local System" account.

    This potential vulnerability does not affect products installed on machines with a single user and it cannot be exploited remotely.

    Solution

    A hotfix can be downloaded from the Macromedia website to protect users of affected versions of Macromedia products, listed below.

    All future versions of Macromedia products will be unaffected by this issue.

    Affected Software Versions

    All versions of Macromedia MX 2004 products (Studio, Studio with Flash Professional, Flash Professional, Flash, FreeHand, Dreamweaver, Fireworks, and Director) as well as Captivate, Contribute 2, and Contribute 3 are affected.

    More info in http://www.macromedia.com/devnet/security/security_zone/mpsb05-04.html
     
    NICK ADSL UK, Jun 10, 2005
    #1
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...