CVE-2017-3006 Adobe Creative Cloud Desktop Application Multiple Vulnerabilities (APSB17-13)

Adobe Creative Cloud Desktop Application is your central location for managing the dozens of apps and services that are included in your Creative Cloud membership. You can also sync and share files, manage thousands of fonts, access libraries of stock photography and design assets.

Adobe Creative Cloud Desktop Application fails to set proper resource permissions during the installation of Creative Cloud desktop applications and is also affected by a vulnerability related to directory search path used to find resources that could lead to code execution.

Affected Versions:
Adobe Creative Cloud Desktop Application 3.9.5.353 and earlier versions

Successful exploitation could allow authenticated, unprivileged local attacker to execute arbitrary code under elevated security context of the application.

The vendor has released an update to fix the vulnerability. Please refer to Adobe advisory APSB17-13 for more details.

Patch:
Following are links for downloading patches to fix the vulnerabilities:

APSB17-13