Lucene search

[email protected]NVD:CVE-2004-2335

HistoryDec 31, 2004 - 5:00 a.m.

CVE-2004-2335

2004-12-3105:00:00

[email protected]

web.nvd.nist.gov

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

6.6 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

The Macromedia installers and e-licensing client on Mac OS X, as used for Macromedia Contribute 2, Director, Dreamweaver, Fireworks, Flash, and Studio, install the AuthenticationService setuid and writable by other users, which allows local users to gain privileges by modifying the program.

Affected configurations

NVD

Node

macromediacontributeMatch2.0

macromediastudioMatch2004

References

secunia.com/advisories/11123

www.macromedia.com/devnet/security/security_zone/mpsb04-03.html

www.securityfocus.com/bid/9862

exchange.xforce.ibmcloud.com/vulnerabilities/15465

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

6.6 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for NVD:CVE-2004-2335

cve1 cvelist1