CVE-2007-2682 - The installer for Adobe Version Cue CS3 Server on Apple Mac OS X, as used in Adobe Creative Suite 3

CVE-2007-2682

Summary

The installer for Adobe Version Cue CS3 Server on Apple Mac OS X, as used in Adobe Creative Suite 3 (CS3), does not re-enable the personal firewall after completing the product installation, which allows remote attackers to bypass intended firewall rules.

References

Vulnerable Configurations

cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
cpe:2.3:a:adobe:creative_suite:3.0:*:design_premium:*:*:*:*:*
cpe:2.3:a:adobe:creative_suite:3.0:*:design_premium:*:*:*:*:*
cpe:2.3:a:adobe:creative_suite:3.0:*:design_standard:*:*:*:*:*
cpe:2.3:a:adobe:creative_suite:3.0:*:design_standard:*:*:*:*:*
cpe:2.3:a:adobe:creative_suite:3.0:*:web_premium:*:*:*:*:*
cpe:2.3:a:adobe:creative_suite:3.0:*:web_premium:*:*:*:*:*
cpe:2.3:a:adobe:creative_suite:3.0:*:web_standard:*:*:*:*:*
cpe:2.3:a:adobe:creative_suite:3.0:*:web_standard:*:*:*:*:*

CVSS

Base:	7.5 (as of 29-07-2017 - 01:31)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:L/Au:N/C:P/I:P/A:P

refmap via4

bid	24027
confirm	http://www.adobe.com/support/security/bulletins/apsb07-11.html
osvdb	35868
sectrack	1018075
secunia	25291
vupen	ADV-2007-1850
xf	adobe-installer-security-bypass(34342)

Last major update

29-07-2017 - 01:31

Published

18-05-2007 - 18:30

Last modified

29-07-2017 - 01:31