CVE-2017-3006

8.8HIGH

Key Information:

Vendor: Adobe
Status: Adobe Thor 3.9.5.353 And Earlier.
Vendor: CVE Published:; 12 April 2017

Summary

Adobe Thor versions 3.9.5.353 and earlier have a vulnerability related to the use of improper resource permissions during the installation of Creative Cloud desktop applications.

Affected Version(s)

Adobe Thor 3.9.5.353 and earlier. Adobe Thor 3.9.5.353 and earlier.

References

https://www.exploit-db.com/exploits/41878/

exploitx_refsource_EXPLOIT-DB

http://www.securityfocus.com/bid/97555

vdb-entryx_refsource_BID

https://helpx.adobe.com/security/products/creative-cloud/...

x_refsource_CONFIRM

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Apr 12, 2017
Vulnerability Reserved
Dec 2, 2016