This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Adobe Security Bulletin Security for the Creative Cloud Desktop Application is Rejected by Secunia Advisory SA71033

Summary

Adobe Security Bulletin Security for the Creative Cloud Desktop Application is Rejected by (SA71033) for APSB16-21 with issues having the CVE identifiers CVE-2016-4158 and CVE-2016-4157

Synopsis

Adobe Security Bulletin Security for the Creative Cloud Desktop Application is Rejected by (SA71033) for APSB16-21 [1] with issues having the CVE identifiers CVE-2016-4158 and CVE-2016-4157

Reason of Rejection:

The issues with the CVE identifiers CVE-2016-4158 and CVE-2016-4157 within mentioned advisory APSB16-21 [1] are rejected due to requiring a violation of security best practices.

Reasons for Rating:

1) Any exploitation scenario regarding the untrusted search path issue related to the installer requires a security best practice violation due to requiring an insecure handling of executable files by a user or improper restrictions imposed by a system configuration policy.

2) Any exploitation scenario regarding the unquoted path issue requires a security best practice violation due to requiring improper restrictions imposed by a system configuration policy.


References:

[1] https://helpx.adobe.com/security/products/creative-cloud/apsb16-21.html


‎Nov 15, 2018 04:24 PM

Was this article helpful? Yes No
No ratings
0 Kudos
Version history
Last update:
‎Nov 15, 2018 04:24 PM
Updated by:
Level 7 Flexeran