Secunia CSI7
Advisories
Research
Forums
Create Profile
Our Commitment
PSI
PSI API
CSI
OSI
xSI
Vulnerabilities
Programs
Open Discussions
My Threads
Create Thread
Statistics
About

Forum Thread: Adobe Creative Suite CS5: vulnerability in Java JRE version insta...

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
Programs

Relating to this vendor:
Adobe Systems
And, this specific program:
Adobe Photoshop CS5 12.x

This thread has been marked as resolved.
Shepherd_france Adobe Creative Suite CS5: vulnerability in Java JRE version installed
Member 27th May, 2010 01:34
Ranking: 0
Posts: 6
User Since: 27th May, 2010
System Score: N/A
Location: FR
Last edited on 27th May, 2010 01:50

Hi,

After Photoshop CS5 installation (using Creative Suite Design Premium DVD), I had the bad surprise to see the following Secunia PSI alerts (French to English translation):

Sun Java JRE 1.6.x / 6.x (needs to be uninstalled)
Sun Java JRE 1.6.x / 6.x software (needs to be uninstalled) is vulnerable and could threat your computer security !
Secunia highly recommends to update this software by installing patch vendor.
Version of JRE detected: 6.0.180.7 (Secunia advisory: SA37255)

This alert shows up twice for following paths:
C:\Users\All Users\Adobe\CS5\jre\bin\java.exe
C:\ProgramData\Adobe\CS5\jre\bin\java.exe

I launched Adobe Updater: no patch available (products are up-to-date). I called Adobe technical support who was not informed about this problem and told me that each software had vulnerabilities anyway. What an answer!

Java v6.0.20 (last version available) was already installed on my system before Adobe Creative Suite Design Premium CS5 installation.
Though Firefox plugins window displays Java Deployment Toolkit v6.0.200.2 and Java Platform SE6 U 20 v6.0.200.2, vulnerabilities are also reported in the Secunia browsers tab.
I don't know how to patch twice this same vulnerability since JRE is there part of Adobe application folders. For Java updater, of course version installed is up-to-date.
I don't know either if there is a workaround (without creating problem running Adobe programs).

Please Secunia, help would be more than welcome.
Thank you :-).

PS: obviously I'm not the only one to meet this problem. See lkupersmith comments on Adobe forum
http://forums.adobe.com/message/2843539#2843539

Post "RE: Adobe Creative Suite CS5: vulnerability in Java JRE version installed" has been selected as an answer.
taffy078 RE: Adobe Creative Suite CS5: vulnerability in Java JRE version installed
Contributor 27th May, 2010 07:07
Score: 408
Posts: 1,335
User Since: 26th Feb 2009
System Score: 100%
Location: UK
Last edited on 27th May, 2010 07:10
Hi - and welcome to Secunia.

This section - Vulnerabilities - is used by Secunia to provide information about vulnerabilities.

It is most unlikely that any member will post a reply here.

What you now need to do is to create a new thread in Programs.

When you do that & input the vendor's name, please allow a second or two for the screen to refresh and give you a list of programs.

I see you've already searched and seen some of the issues with this common problem. I'm sure that the teccie guys will soon sort it out for you when they get here, and when you have re-posted it!

If this solves your problem for now please close this thread by choosing ACCEPT so you & I won't receive unnecessary update emails.


--
taffy078, West Yorkshire, UK

Desktop: Compaq Presario (OEM) 32 bit / AMD Athlon / 2 GB RAM
XP Home - SP3/ IE8/ Norton IS - Secunia PSI v2.0.0.3003

Laptop: Win 7 / IE11 / PSI v2.0.0.3003
Was this reply relevant?
+0
-0

This thread has been marked as locked.


 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 VARS
MSSP
Technology Partners
References
 Reports
Webinars
Events
 About us
Careers
Memberships
Newsroom


 
© 2002-2014 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability