This host is installed with Adobe LiveCycle Designer and is prone to untrusted search path vulnerability.
Successful exploitation will allow remote attackers to execute arbitrary code on the target system. Impact Level: System/Application
No solution or patch was made available for at least one year since disclosure of this vulnerability. Likely none will be provided anymore. General solution options are to upgrade to a newer release, disable respective features, remove the product or replace the product by another one.
The flaw is due to the way it loads dynamic-link libraries. The program uses a fixed path to look for specific files or libraries. This path includes directories that may not be trusted or under user control. By placing a custom version of the file or library in the path, the program will load it before the legitimate version.
Adobe LiveCycle Designer version ES2 188.8.131.5291029.1.612548 on Windows
- Apple Safari WebKit Information Disclosure Vulnerability (Mac OS X)
- Adobe Reader Cross-Site Scripting & Denial of Service Vulnerabilities (Mac OS X)
- Apple iTunes Tutorials Window Security Bypass Vulnerability (Mac OS X)
- Asterisk RTP Comfort Noise Processing Remote Denial of Service Vulnerability
- Apple Mac OS X Multiple Vulnerabilities - 02 Jan14