CVE-2007-1279

Unspecified vulnerability in the installer for Adobe Bridge 1.0.3 update for Apple OS X, when patching with desktop management tools, allows local users to gain privileges via unspecified vectors during installation of the update by a different user who has administrative privileges.

CVSS v2.0 7.2 HIGH

7.2^/10

CVSS v2.0 : HIGH

Vector : AV:L/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 3.9 / Impact : 10.0

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://secunia.com/advisories/24854	Vendor Advisory
http://www.adobe.com/support/security/bulletins/apsb07-09.html	Patch Vendor Advisory
http://www.osvdb.org/34896
http://www.securityfocus.com/bid/23404
http://www.securitytracker.com/id?1017900	Vendor Advisory
http://www.vupen.com/english/advisories/2007/1342	Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/33570

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*

cpe:2.3:a:adobe:bridge:1.0.3:*:*:*:*:*:*:*

History

No history.

Information

Published : 2007-04-11 22:19

Updated : 2024-02-28 11:01

NVD link : CVE-2007-1279

Mitre link : CVE-2007-1279

CVE.ORG link : CVE-2007-1279

JSON object : View

Products Affected

apple

mac_os_x

adobe

bridge

CWE

NVD-CWE-noinfo

{"id": "CVE-2007-1279", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.2, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": true, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2007-04-11T22:19:00.000", "references": [{"url": "http://secunia.com/advisories/24854", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.adobe.com/support/security/bulletins/apsb07-09.html", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.osvdb.org/34896", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/23404", "source": "cve@mitre.org"}, {"url": "http://www.securitytracker.com/id?1017900", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2007/1342", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33570", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the installer for Adobe Bridge 1.0.3 update for Apple OS X, when patching with desktop management tools, allows local users to gain privileges via unspecified vectors during installation of the update by a different user who has administrative privileges."}, {"lang": "es", "value": "Una vulnerabilidad no especificada en el instalador para la actualizaci\u00f3n de Adobe Bridge versi\u00f3n 1.0.3 para Apple OS X, al aplicar parches con herramientas de administraci\u00f3n de escritorio, permite a usuarios locales alcanzar privilegios por medio de vectores no especificados durante la instalaci\u00f3n de la actualizaci\u00f3n de un usuario diferente que tiene privilegios administrativos."}], "lastModified": "2017-07-29T01:30:42.547", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:adobe:bridge:1.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0BDAC530-C279-4E0B-9D22-DB3FDA414F81"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}