CVE-2016-1034

Sažetak

The Sync Process in the JavaScript API for Creative Cloud Libraries in Adobe Creative Cloud Desktop Application before 3.6.0.244 allows remote attackers to read or write to arbitrary files via unspecified vectors.

Reference

http://www.zerodayinitiative.com/advisories/ZDI-16-235
https://helpx.adobe.com/security/products/creative-cloud/apsb16-11.html

CVSS

Base:	9.4
Impact:	9.2
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	NONE

CVSS vektor

AV:N/AC:L/Au:N/C:C/I:C/A:N

Zadnje važnije ažuriranje

03-12-2016 - 03:20

Objavljeno

12-04-2016 - 23:59