Privilege Escalation Vulnerability in Adobe Thor Affects Creative Cloud Desktop Applications
CVE-2017-3006

8.8HIGH

Key Information:

Vendor
Adobe
Status
Adobe Thor 3.9.5.353 And Earlier.
Vendor
CVE Published:
12 April 2017

Summary

Adobe Thor versions 3.9.5.353 and earlier have a security vulnerability that arises from improper handling of resource permissions during the installation process of Creative Cloud desktop applications. This flaw could potentially allow unauthorized elevation of privileges, which might enable attackers to gain elevated rights on affected systems.

Affected Version(s)

Adobe Thor 3.9.5.353 and earlier. Adobe Thor 3.9.5.353 and earlier.

References

https://www.exploit-db.com/exploits/41878/
exploitx_refsource_EXPLOIT-DB
http://www.securityfocus.com/bid/97555
vdb-entryx_refsource_BID
https://helpx.adobe.com/security/products/creative-cloud/...
x_refsource_CONFIRM

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.