Directory Search Path Vulnerability in Adobe Thor for Creative Cloud Applications
CVE-2017-3007

7.8HIGH

Key Information:

Vendor: Adobe
Status: Adobe Thor 3.9.5.353 And Earlier.
Vendor: CVE Published:; 12 April 2017

Summary

Adobe Thor versions 3.9.5.353 and earlier have a vulnerability that allows malicious actors to exploit the directory search path used for resource location. This issue primarily impacts users of Creative Cloud desktop applications, potentially leading to unauthorized access to files and resources. It is essential for users to understand the implications of this vulnerability and ensure they are running the latest, patched versions of the software to safeguard against exploitation.

Affected Version(s)

Adobe Thor 3.9.5.353 and earlier. Adobe Thor 3.9.5.353 and earlier.

References

https://helpx.adobe.com/security/products/creative-cloud/...

x_refsource_CONFIRM

http://www.securityfocus.com/bid/97558

vdb-entryx_refsource_BID

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Apr 12, 2017
Vulnerability Reserved
Dec 2, 2016