Unrated severityNVD Advisory· Published Dec 31, 2004· Updated Apr 16, 2026

CVE-2004-2335

Description

The Macromedia installers and e-licensing client on Mac OS X, as used for Macromedia Contribute 2, Director, Dreamweaver, Fireworks, Flash, and Studio, install the AuthenticationService setuid and writable by other users, which allows local users to gain privileges by modifying the program.

Affected products

Macromedia/Contribute
cpe:2.3:a:macromedia:contribute:2.0:*:*:*:*:*:*:*
Macromedia/Studio
cpe:2.3:a:macromedia:studio:2004:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.macromedia.com/devnet/security/security_zone/mpsb04-03.htmlnvdPatchVendor Advisory
www.securityfocus.com/bid/9862nvdPatch
secunia.com/advisories/11123nvd
exchange.xforce.ibmcloud.com/vulnerabilities/15465nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000