Creative Cloud Desktop Application
by Adobe Inc.
CVEs (11)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-6935 | Hig | 0.51 | 7.8 | 0.00 | Oct 13, 2016 | Unquoted Windows search path vulnerability in Adobe Creative Cloud Desktop Application before 3.8.0.310 on Windows allows local users to gain privileges via a Trojan horse executable file in the %SYSTEMDRIVE% directory. | ||
| CVE-2019-7959 | 0.01 | — | 0.18 | Aug 16, 2019 | Creative Cloud Desktop Application versions 4.6.1 and earlier have a using components with known vulnerabilities vulnerability. Successful exploitation could lead to arbitrary code execution. | |||
| CVE-2020-9682 | 0.00 | — | 0.03 | Jul 17, 2020 | Adobe Creative Cloud Desktop Application versions 5.1 and earlier have a symlink vulnerability vulnerability. Successful exploitation could lead to arbitrary file system write. | |||
| CVE-2020-9671 | 0.00 | — | 0.01 | Jul 17, 2020 | Adobe Creative Cloud Desktop Application versions 5.1 and earlier have an insecure file permissions vulnerability. Successful exploitation could lead to privilege escalation. | |||
| CVE-2020-9670 | 0.00 | — | 0.03 | Jul 16, 2020 | Adobe Creative Cloud Desktop Application versions 5.1 and earlier have a symlink vulnerability vulnerability. Successful exploitation could lead to privilege escalation. | |||
| CVE-2020-9669 | 0.00 | — | 0.01 | Jul 16, 2020 | Adobe Creative Cloud Desktop Application versions 5.1 and earlier have a lack of exploit mitigations vulnerability. Successful exploitation could lead to privilege escalation. | |||
| CVE-2020-3808 | 0.00 | — | 0.02 | Mar 25, 2020 | Creative Cloud Desktop Application versions 5.0 and earlier have a time-of-check to time-of-use (toctou) race condition vulnerability. Successful exploitation could lead to arbitrary file deletion. | |||
| CVE-2019-7958 | 0.00 | — | 0.01 | Aug 16, 2019 | Creative Cloud Desktop Application versions 4.6.1 and earlier have an insecure inherited permissions vulnerability. Successful exploitation could lead to privilege escalation. | |||
| CVE-2019-7957 | 0.00 | — | 0.01 | Aug 16, 2019 | Creative Cloud Desktop Application versions 4.6.1 and earlier have a security bypass vulnerability. Successful exploitation could lead to denial of service. | |||
| CVE-2019-8063 | 0.00 | — | 0.03 | Aug 16, 2019 | Creative Cloud Desktop Application 4.6.1 and earlier versions have an insecure transmission of sensitive data vulnerability. Successful exploitation could lead to information leakage. | |||
| CVE-2019-7093 | 0.00 | — | 0.01 | May 24, 2019 | Creative Cloud Desktop Application (installer) versions 4.7.0.400 and earlier have an insecure library loading (dll hijacking) vulnerability. Successful exploitation could lead to privilege escalation. |
- risk 0.51cvss 7.8epss 0.00
Unquoted Windows search path vulnerability in Adobe Creative Cloud Desktop Application before 3.8.0.310 on Windows allows local users to gain privileges via a Trojan horse executable file in the %SYSTEMDRIVE% directory.
- CVE-2019-7959Aug 16, 2019risk 0.01cvss —epss 0.18
Creative Cloud Desktop Application versions 4.6.1 and earlier have a using components with known vulnerabilities vulnerability. Successful exploitation could lead to arbitrary code execution.
- CVE-2020-9682Jul 17, 2020risk 0.00cvss —epss 0.03
Adobe Creative Cloud Desktop Application versions 5.1 and earlier have a symlink vulnerability vulnerability. Successful exploitation could lead to arbitrary file system write.
- CVE-2020-9671Jul 17, 2020risk 0.00cvss —epss 0.01
Adobe Creative Cloud Desktop Application versions 5.1 and earlier have an insecure file permissions vulnerability. Successful exploitation could lead to privilege escalation.
- CVE-2020-9670Jul 16, 2020risk 0.00cvss —epss 0.03
Adobe Creative Cloud Desktop Application versions 5.1 and earlier have a symlink vulnerability vulnerability. Successful exploitation could lead to privilege escalation.
- CVE-2020-9669Jul 16, 2020risk 0.00cvss —epss 0.01
Adobe Creative Cloud Desktop Application versions 5.1 and earlier have a lack of exploit mitigations vulnerability. Successful exploitation could lead to privilege escalation.
- CVE-2020-3808Mar 25, 2020risk 0.00cvss —epss 0.02
Creative Cloud Desktop Application versions 5.0 and earlier have a time-of-check to time-of-use (toctou) race condition vulnerability. Successful exploitation could lead to arbitrary file deletion.
- CVE-2019-7958Aug 16, 2019risk 0.00cvss —epss 0.01
Creative Cloud Desktop Application versions 4.6.1 and earlier have an insecure inherited permissions vulnerability. Successful exploitation could lead to privilege escalation.
- CVE-2019-7957Aug 16, 2019risk 0.00cvss —epss 0.01
Creative Cloud Desktop Application versions 4.6.1 and earlier have a security bypass vulnerability. Successful exploitation could lead to denial of service.
- CVE-2019-8063Aug 16, 2019risk 0.00cvss —epss 0.03
Creative Cloud Desktop Application 4.6.1 and earlier versions have an insecure transmission of sensitive data vulnerability. Successful exploitation could lead to information leakage.
- CVE-2019-7093May 24, 2019risk 0.00cvss —epss 0.01
Creative Cloud Desktop Application (installer) versions 4.7.0.400 and earlier have an insecure library loading (dll hijacking) vulnerability. Successful exploitation could lead to privilege escalation.