Description: Chris Irvine has discovered a vulnerability in Macromedia MX 2004 products, which can be exploited by malicious, local users to escalate their privileges.
The problem is that the setuid root file "Library/Application Support/Macrovision/AuthenticationService" is writable by "other". This can be exploited to execute arbitrary code with the privileges of a user using the affected products by overwriting the file.
The vulnerability affect Macromedia MX 2004 products and Contribute 2 running on the Mac OS X platform.
Do you have this product installed on your home computer? Scan using the free Personal Software Inspector. Check if a vulnerable version is installed on computers in your corporate network, scan using the Network Software Inspector.
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com.
Ideas, suggestions, and other feedback are most welcome.
