Summary
Adobe Security Bulletin Security for the Creative Cloud Desktop Application is Rejected by (SA71033) for APSB16-21 with issues having the CVE identifiers CVE-2016-4158 and CVE-2016-4157
Synopsis
Adobe Security Bulletin Security for the Creative Cloud Desktop Application is Rejected by (SA71033) for APSB16-21 [1] with issues having the CVE identifiers CVE-2016-4158 and CVE-2016-4157 Reason of Rejection: The issues with the CVE identifiers
CVE-2016-4158 and
CVE-2016-4157 within mentioned advisory
APSB16-21 [1] are rejected due to requiring a violation of security best practices.
Reasons for Rating: 1) Any exploitation scenario regarding the untrusted search path issue related to the installer requires a security best practice violation due to requiring an insecure handling of executable files by a user or improper restrictions imposed by a system configuration policy.
2) Any exploitation scenario regarding the unquoted path issue requires a security best practice violation due to requiring improper restrictions imposed by a system configuration policy.
References:[1]
https://helpx.adobe.com/security/products/creative-cloud/apsb16-21.html