Summary
This host is installed with Adobe InDesign and is prone to insecure library loading vulnerability.
Impact
Successful exploitation will allow the attackers to execute arbitrary code and conduct DLL hijacking attacks.
Impact Level: Application.
Solution
Upgrade Adobe InDesign to version CS4 6.0.6 or later, For updates refer to http://www.adobe.com/downloads
Insight
The flaw is due to the application insecurely loading certain librairies from the current working directory, which could allow attackers to execute arbitrary code by tricking a user into opening a file from a network share.
Affected
Adobe InDesign version CS4 6.0
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2010-3153 -
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Adobe Flash Player Buffer Overflow Vulnerability - Apr14 (Windows)
- Adobe Acrobat Multiple Unspecified Vulnerabilities -01 May13 (Mac OS X)
- Adobe AIR Multiple Vulnerabilities-01 Aug14 (Mac OS X)
- Adobe Acrobat Multiple Vulnerabilities -01 Jan 13 (Windows)
- Adobe AIR Multiple Vulnerabilities -01 April 13 (Windows)