Vulnerability Description
The Macromedia installers and e-licensing client on Mac OS X, as used for Macromedia Contribute 2, Director, Dreamweaver, Fireworks, Flash, and Studio, install the AuthenticationService setuid and writable by other users, which allows local users to gain privileges by modifying the program.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Macromedia | Contribute | 2.0 |
| Macromedia | Studio | 2004 |
References
- http://secunia.com/advisories/11123
- http://www.macromedia.com/devnet/security/security_zone/mpsb04-03.htmlPatchVendor Advisory
- http://www.securityfocus.com/bid/9862Patch
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15465
- http://secunia.com/advisories/11123
- http://www.macromedia.com/devnet/security/security_zone/mpsb04-03.htmlPatchVendor Advisory
- http://www.securityfocus.com/bid/9862Patch
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15465
FAQ
What is CVE-2004-2335?
CVE-2004-2335 is a vulnerability with a CVSS score of 7.2 (HIGH). The Macromedia installers and e-licensing client on Mac OS X, as used for Macromedia Contribute 2, Director, Dreamweaver, Fireworks, Flash, and Studio, install the AuthenticationService setuid and wri...
How severe is CVE-2004-2335?
CVE-2004-2335 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2004-2335?
Check the references section above for vendor advisories and patch information. Affected products include: Macromedia Contribute, Macromedia Studio.