Adobe Creative Cloud Desktop < Multiple Vulnerabilities (APSB17-13)

This script is Copyright (C) 2017 Tenable Network Security, Inc.

Synopsis :

An application installed on the remote host is affected by multiple

Description :

The version of Adobe Creative Cloud Desktop installed on the remote
Windows host is prior to It is, therefore, affected by the
following vulnerabilities :

- An unspecified flaw exists in the installation process
due to improper usage of resource permissions that
allows an unauthenticated, remote attacker to have an
unspecified impact. (CVE-2017-3006)

- An information disclosure vulnerability exists due to
using insecure directory search paths when locating
resources. An unauthenticated, remote attacker can
exploit this to disclose sensitive information, which
potentially could be used to facilitate further remote
code execution attacks. (CVE-2017-3007)

Note that Nessus has not tested for these issues but has instead
relied only on the application's self-reported version number.

See also :

Solution :

Upgrade to Adobe Creative Cloud Desktop version or later.

Risk factor :

Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 8.3
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 99366 ()

Bugtraq ID: 97555

CVE ID: CVE-2017-3006

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now