This script is Copyright (C) 2017 Tenable Network Security, Inc.
An application installed on the remote host is affected by multiple
The version of Adobe Creative Cloud Desktop installed on the remote
Windows host is prior to 22.214.171.124. It is, therefore, affected by the
following vulnerabilities :
- An unspecified flaw exists in the installation process
due to improper usage of resource permissions that
allows an unauthenticated, remote attacker to have an
unspecified impact. (CVE-2017-3006)
- An information disclosure vulnerability exists due to
using insecure directory search paths when locating
resources. An unauthenticated, remote attacker can
exploit this to disclose sensitive information, which
potentially could be used to facilitate further remote
code execution attacks. (CVE-2017-3007)
Note that Nessus has not tested for these issues but has instead
relied only on the application's self-reported version number.
See also :
Upgrade to Adobe Creative Cloud Desktop version 126.96.36.199 or later.
Risk factor :
Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 8.3
Public Exploit Available : true