Computer Help Community

Community

Cyber Tech Help Community

New Tutorials

More Tutorials
PC Tutorials

New Downloads

More Downloads
PC Downloads

Member Testimonials

Open Member Quote   Back a couple of years ago when I first found this forum I read and read other's problems and learned a bit. Then suddenly one day I had problems and turned to Cyber Tech Help for assistance and my problems were solved. Since then I have kept a number of programs on my computer....run them frequently and keep them updated. During this time its nearly as if spyware, virus and other nasties were never developed. My point is simply this follow the advise you get here...be deligent in using what is suggested and the internet will be a much nicer place. Its only when I see a friend's computer who doesn't use any "protection" that I remember there were such things as pop ups. Thank you Cyber Tech Help - Webster  Close Member Quote
Member Testimonials
MY CYBER TECH HELP

LATEST TOPICS

Tech Help Community

Free Antivirus Scan

Free Virus Scan and a listing of the top 10 viruses in the wild - Free Antivirus Scan
Free Online Antivirus Scan

File Extension Database

Find what program a filetype belongs to in our searchable File Extension Database.
File Extension Database

Services

See what services Cyber Tech Help can offer your business or website: CTH Services
CTH Services

Related MS Links

Related Links
Cyber Tech Help Community

To the top of the page to top

 



Flaws revealed in Adobe Version Cue

Latest News Latest News | News ArchiveNews Archive | Cyber Tech Help News RSS Feed!

Flaws revealed in Adobe Version CueFlaws revealed in Adobe Version Cue

Posted by: Tweaker
Date added: 22:41, 30th August 2005 GMT
Source: InfoWorld

Two new security vulnerabilities were revealed this week in Adobe Systems' (Profile, Products, Articles) Version Cue software, the second and third security flaws discovered in the company's software in less than two weeks, according to security consulting firm iDefense.

Both flaws allow local attackers to gain root privileges to a machine through Version Cue, the file-version manager in Adobe's Creative Suite software, according to Michael Sutton, director of iDefense Labs at iDefense.

One flaw is a "library loading vulnerability" that enables potential hackers to load a custom library by executing a method from the command line of VCNative, a root application in Version Cue, said Rich Johnson, a senior security engineer with iDefense Labs. In this way, someone could take full control of a system and gain root privileges, thus enabling them to introduce malicious code.

The other way someone could gain root privileges through Version Cue is to exploit the log file created when the root application VCNative begins running, he said. The log file is always called the same thing, and if a person "knows what it's called they could put a file in there that would allow redirection of that file to a location of choice, then can override special system files with this," Johnson said.

Adobe already has issued a patch for both vulnerabilities, which can be downloaded at http://www.adobe.com/support/security/main.html#vcuemac, he said.

Tools:  Tools: Post a comment | Link to this news item | Send to a friend | Submit News

 

Post a commentPost a comment

Error: You are not logged in.

In order to leave comments to news articles you must be a Cyber Tech Help Member.

Registration is completely free!  Register to become a member!  Register to become a member

Along with access to leave comments to news articles you will be able to ask any computing questions you might have on the Cyber Tech Help Forums.

 

[ To the top of the page To top | Latest News Latest News | News Archive News Archive | Cyber Tech Help News RSS Feed! ]