Adobe Creative Cloud <= Arbitrary File Read/Write Vulnerability

This script is Copyright (C) 2016 Tenable Network Security, Inc.

Synopsis :

An application installed on the remote host is affected by an
arbitrary file read/write vulnerability.

Description :

The version of Adobe Creative Cloud installed on the remote Windows
host is prior or equal to It is, therefore, affected by a
flaw in the JavaScript API for Creative Cloud Libraries due to an
exposed service. An unauthenticated, remote attacker can exploit this
to read or write arbitrary files on the host file system.

See also :

Solution :

Upgrade to Adobe Creative Cloud version or later.

Risk factor :

High / CVSS Base Score : 9.4
CVSS Temporal Score : 7.8
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 91386 ()

Bugtraq ID: 86001

CVE ID: CVE-2016-1034

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now