bellick has discovered a vulnerability in Adobe Photoshop Elements, which can be exploited by malicious, local users to gain escalated privileges.
The vulnerability is caused due to an insecure Discretionary Access Control List (DACL) for the "Adobe Active File Monitor V8" service, which can be exploited to e.g. change certain properties of the service and execute arbitrary commands with escalated privileges.
The vulnerability is confirmed in Adobe Photoshop Elements 8.0 (20090905.r.605812) and reported in Adobe Photoshop Elements 7.0. Other versions may also be affected.
Solution: Update to a fixed version or apply the recommended workaround.
Do you have additional information related to this advisory?
Please provide information about patches, mitigating factors, new versions, exploits, faulty patches, links, and other relevant data by posting comments to this Advisory. You can also send this
information to email@example.com
Subject: Adobe Photoshop Elements Active File Monitor Service Privilege Escalation
No posts yet
You must be logged in to post a comment.
Secunia Customer Login
Not a customer already?
Learn more about how our market leading Vulnerability Management solutions can help you manage risk and ensure compliance.