1. Home
  2. CVE Database
  3. CVE-2006-0525
MEDIUM · 4.6

CVE-2006-0525

Multiple Adobe products, including (1) Photoshop CS2, (2) Illustrator CS2, and (3) Adobe Help Center, install a large number of .EXE and .DLL files with write-access permission for the Everyone group,...

Vulnerability Description

Multiple Adobe products, including (1) Photoshop CS2, (2) Illustrator CS2, and (3) Adobe Help Center, install a large number of .EXE and .DLL files with write-access permission for the Everyone group, which allows local users to gain privileges via Trojan horse programs.

CVSS Score

4.6

MEDIUM

AV:L/AC:L/Au:N/C:P/I:P/A:P
Confidentiality
PARTIAL
Integrity
PARTIAL
Availability
PARTIAL

Affected Products

VendorProductVersions
AdobeAcrobat3.0
AdobeAcrobat Reader3.0
AdobeCreative Suite1.0
AdobeIllustrator7.0
AdobeIndesigncs
AdobePagemaker6.5
AdobePhotoshop7.0
AdobePremiere1.5
AdobeVersion Cue1.0

Related Weaknesses (CWE)

CWE-264

References

FAQ

What is CVE-2006-0525?

CVE-2006-0525 is a vulnerability with a CVSS score of 4.6 (MEDIUM). Multiple Adobe products, including (1) Photoshop CS2, (2) Illustrator CS2, and (3) Adobe Help Center, install a large number of .EXE and .DLL files with write-access permission for the Everyone group,...

How severe is CVE-2006-0525?

CVE-2006-0525 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2006-0525?

Check the references section above for vendor advisories and patch information. Affected products include: Adobe Acrobat, Adobe Acrobat Reader, Adobe Creative Suite, Adobe Illustrator, Adobe Indesign.