What is the severity of CVE-2009-3489?

CVE-2009-3489 is classified as a high severity vulnerability due to its potential for local privilege escalation.

How do I fix CVE-2009-3489?

To fix CVE-2009-3489, ensure that you apply the latest security patches from Adobe for Photoshop Elements 8.0.

Who is affected by CVE-2009-3489?

CVE-2009-3489 affects users of Adobe Photoshop Elements version 8.0 on Windows systems.

Can CVE-2009-3489 be exploited remotely?

CVE-2009-3489 cannot be exploited remotely; it requires local access to the affected system.

What actions can be taken by an attacker exploiting CVE-2009-3489?

An attacker exploiting CVE-2009-3489 can stop the Adobe Active File Monitor service, execute arbitrary commands as SYSTEM, and modify service configurations.

Vulnerability/
CVE-2009-3489

high

7.8

CWE

16 732

30/9/2009

7/8/2024

CVE-2009-3489

First published: Wed Sep 30 2009(Updated: )

Adobe Photoshop Elements 8.0 installs the Adobe Active File Monitor V8 service with an insecure security descriptor, which allows local users to (1) stop the service via the stop command, (2) execute arbitrary commands as SYSTEM by using the config command to modify the binPath variable, or (3) restart the service via the start command.

Credit: cve@mitre.org cve@mitre.org

Affected Software	Affected Version	How to fix
Adobe Photoshop Elements	=8.0

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2009-3489?
CVE-2009-3489 is classified as a high severity vulnerability due to its potential for local privilege escalation.
How do I fix CVE-2009-3489?
To fix CVE-2009-3489, ensure that you apply the latest security patches from Adobe for Photoshop Elements 8.0.
Who is affected by CVE-2009-3489?
CVE-2009-3489 affects users of Adobe Photoshop Elements version 8.0 on Windows systems.
Can CVE-2009-3489 be exploited remotely?
CVE-2009-3489 cannot be exploited remotely; it requires local access to the affected system.
What actions can be taken by an attacker exploiting CVE-2009-3489?
An attacker exploiting CVE-2009-3489 can stop the Adobe Active File Monitor service, execute arbitrary commands as SYSTEM, and modify service configurations.

collector/nvd-historical
collector/nvd-index
agent/type
agent/softwarecombine
collector/nvd-api
source/NVD
agent/software-canonical-lookup
agent/severity
agent/author
agent/references
agent/weakness
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/first-publish-date
agent/event
agent/tags
agent/source
vendor/adobe
canonical/adobe photoshop elements
version/adobe photoshop elements/8.0

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.