Local Code Execution Vulnerability in Adobe Macromedia MX 2004 Products
CVE-2005-4708

Currently unrated

Key Information:

Vendor: Adobe
Status: Contribute; Dreamweaver; Flash Player; Fireworks
Vendor: CVE Published:; 31 December 2005

Summary

A vulnerability exists in Adobe's Macromedia MX 2004 suite, which allows local users to execute arbitrary code with Local System privileges. This issue arises because the Macromedia Licensing Service is installed with insufficient permissions, permitting users in the 'Users' group to configure the service, including specifying the executable path. Exploiting this flaw could enable unauthorized code execution, potentially leading to system compromise.

References

http://securitytracker.com/id?1014162

vdb-entryx_refsource_SECTRACK

http://securitytracker.com/id?1014161

vdb-entryx_refsource_SECTRACK

http://securitytracker.com/id?1014165

vdb-entryx_refsource_SECTRACK

Timeline

Vulnerability Reserved
Feb 2, 2006
Vulnerability published
Dec 31, 2005