CVE-2009-3489
First published: Wed Sep 30 2009(Updated: )
Adobe Photoshop Elements 8.0 installs the Adobe Active File Monitor V8 service with an insecure security descriptor, which allows local users to (1) stop the service via the stop command, (2) execute arbitrary commands as SYSTEM by using the config command to modify the binPath variable, or (3) restart the service via the start command.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Adobe Photoshop Elements | =8.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.securityfocus.com/bid/36542
- http://retrogod.altervista.org/9sg_adobe_pe_local.html
- http://www.securitytracker.com/id?1022963
- http://blogs.adobe.com/psirt/2009/09/potential_photoshop_elements_8.html
- http://secunia.com/advisories/36895
- http://www.vupen.com/english/advisories/2009/2798
- http://www.securityfocus.com/archive/1/506806/100/0/threaded
- collector/nvd-historical
- collector/nvd-index
- agent/type
- agent/softwarecombine
- agent/first-publish-date
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/last-modified-date
- agent/severity
- agent/author
- agent/references
- agent/weakness
- agent/tags
- agent/description
- agent/event
- collector/mitre-cve
- source/MITRE
- vendor/adobe
- canonical/adobe photoshop elements
- version/adobe photoshop elements/8.0