fkie_cve-2007-1279
Vulnerability from fkie_nvd
Published
2007-04-11 22:19
Modified
2024-11-21 00:27
Severity ?
Summary
Unspecified vulnerability in the installer for Adobe Bridge 1.0.3 update for Apple OS X, when patching with desktop management tools, allows local users to gain privileges via unspecified vectors during installation of the update by a different user who has administrative privileges.
References
cve@mitre.orghttp://secunia.com/advisories/24854Vendor Advisory
cve@mitre.orghttp://www.adobe.com/support/security/bulletins/apsb07-09.htmlPatch, Vendor Advisory
cve@mitre.orghttp://www.osvdb.org/34896
cve@mitre.orghttp://www.securityfocus.com/bid/23404
cve@mitre.orghttp://www.securitytracker.com/id?1017900Vendor Advisory
cve@mitre.orghttp://www.vupen.com/english/advisories/2007/1342Vendor Advisory
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/33570
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/24854Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.adobe.com/support/security/bulletins/apsb07-09.htmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.osvdb.org/34896
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/23404
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1017900Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2007/1342Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/33570
Impacted products
Vendor Product Version
apple mac_os_x *
adobe bridge 1.0.3


To clipboard 

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:adobe:bridge:1.0.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "0BDAC530-C279-4E0B-9D22-DB3FDA414F81",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "Unspecified vulnerability in the installer for Adobe Bridge 1.0.3 update for Apple OS X, when patching with desktop management tools, allows local users to gain privileges via unspecified vectors during installation of the update by a different user who has administrative privileges.",
      },
      {
         lang: "es",
         value: "Una vulnerabilidad no especificada en el instalador para la actualización de Adobe Bridge versión 1.0.3 para Apple OS X, al aplicar parches con herramientas de administración de escritorio, permite a usuarios locales alcanzar privilegios por medio de vectores no especificados durante la instalación de la actualización de un usuario diferente que tiene privilegios administrativos.",
      },
   ],
   id: "CVE-2007-1279",
   lastModified: "2024-11-21T00:27:56.500",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "HIGH",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "LOCAL",
               authentication: "NONE",
               availabilityImpact: "COMPLETE",
               baseScore: 7.2,
               confidentialityImpact: "COMPLETE",
               integrityImpact: "COMPLETE",
               vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C",
               version: "2.0",
            },
            exploitabilityScore: 3.9,
            impactScore: 10,
            obtainAllPrivilege: true,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
   },
   published: "2007-04-11T22:19:00.000",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/24854",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://www.adobe.com/support/security/bulletins/apsb07-09.html",
      },
      {
         source: "cve@mitre.org",
         url: "http://www.osvdb.org/34896",
      },
      {
         source: "cve@mitre.org",
         url: "http://www.securityfocus.com/bid/23404",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://www.securitytracker.com/id?1017900",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://www.vupen.com/english/advisories/2007/1342",
      },
      {
         source: "cve@mitre.org",
         url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/33570",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/24854",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://www.adobe.com/support/security/bulletins/apsb07-09.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.osvdb.org/34896",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.securityfocus.com/bid/23404",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://www.securitytracker.com/id?1017900",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://www.vupen.com/english/advisories/2007/1342",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/33570",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-noinfo",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}


Log in or create an account to share your comment.

Security Advisory comment format.

This schema specifies the format of a comment related to a security advisory.

UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).



Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.