Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-2564

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2009-2564
Last Modified 01 Dec 2010 12:00:00
Published 21 Jul 2009 01:30:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2009-2564

Summary

NOS Microsystems getPlus Download Manager, as used in Adobe Reader 1.6.2.36 and possibly other versions, Corel getPlus Download Manager before 1.5.0.48, and possibly other products, installs NOS\bin\getPlus_HelperSvc.exe with insecure permissions (Everyone:Full Control), which allows local users to gain SYSTEM privileges by replacing getPlus_HelperSvc.exe with a Trojan horse program, as demonstrated by use of getPlus Download Manager within Adobe Reader. NOTE: within Adobe Reader, the scope of this issue is limited because the program is deleted and the associated service is not automatically launched after a successful installation and reboot.

Vulnerable Systems

Application

  • Adobe Acrobat Reader 9.0

  • Adobe Acrobat Reader 9.1

  • Corel Getplus Download Manager 1.5.0.48

  • Nos Microsystems Getplus Download Manager 1.6.2.36


References

CERT - TA09-286B

XF - getplus-nos-insecure-permissions(54383)

VUPEN - ADV-2009-2898

VUPEN - ADV-2009-1969

BID - 35740

BUGTRAQ - 20090720 Adobe related service (getPlus_HelperSvc.exe) local elevation of privileges

MILW0RM - 9199

CONFIRM - http://www.adobe.com/support/security/bulletins/apsb09-15.html

SECTRACK - 1023007

SECUNIA - 36331

SECUNIA - 35930

MISC - http://retrogod.altervista.org/9sg_adobe_local.html

CONFIRM - http://blogs.adobe.com/psirt/2009/07/local_privilege_escalation_in.html

Related Patches

Adobe APSB09-15 Acrobat Standard 8.1.7 for Windows (Update) (English) (See Notes)

Adobe APSB09-15 Acrobat Standard 8.1.7 for Windows (Update) (Multi-Language) (See Notes)

Adobe APSB09-15 Acrobat Professional 8.1.7 for Windows (Update) (Multi-Language) (See Notes)

Adobe APSB09-15 Acrobat Professional 8.1.7 for Windows (Update) (English) (See Notes)

Adobe APSB09-15 Acrobat 3D 8.1.7 for Windows (Update) (Multi-Language) (See Notes)

Adobe APSB09-15 Adobe Acrobat 8.1.7 Security Update for Windows (All Languages)

Adobe APSB09-15 Adobe Acrobat 9.2 Security Update for Windows (All Languages)

Adobe APSB09-15 (English) Acrobat 9.2.0 Professional and Standard Update for Windows

Adobe APSB09-15 (English) Acrobat 9.2.0 Professional Extended Update for Windows

Adobe APSB09-15 Adobe Acrobat 7.1.4 Security Update for Windows (All Languages)

Adobe APSB09-15 Reader (English) 9.2 Security Update for Windows

Adobe APSB09-15 Adobe Reader (English/MUI) 9.2 for Windows (Upgrade)

Adobe APSB09-15 Reader 8.1.7 Security Update for Macintosh (PPC)

Adobe APSB09-15 Reader 9.2 Security Update for Macintosh (PPC)

Adobe APSB09-15 Reader 9.2 Security Update for Macintosh (Intel)


Last Updated: 27 May 2016 10:50:57