1 results (0.001 seconds)
CVSS: 7.3EPSS: 0%CPEs: 4EXPL: 5
CVSS: 7.3EPSS: 0%CPEs: 4EXPL: 5CVE-2009-2564 – Adobe Acrobat 9.1.2 NOS - Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2009-2564
21 Jul 2009 — NOS Microsystems getPlus Download Manager, as used in Adobe Reader 1.6.2.36 and possibly other versions, Corel getPlus Download Manager before 1.5.0.48, and possibly other products, installs NOS\bin\getPlus_HelperSvc.exe with insecure permissions (Everyone:Full Control), which allows local users to gain SYSTEM privileges by replacing getPlus_HelperSvc.exe with a Trojan horse program, as demonstrated by use of getPlus Download Manager within Adobe Reader. NOTE: within Adobe Reader, the scope of this issue is... • https://www.exploit-db.com/exploits/9223 • CWE-264: Permissions, Privileges, and Access Controls •