VDB-288966 · CVE-2024-12786 · GCVE-100-288966

X1a0He Adobe Downloader ଯେପର୍ଯ୍ୟନ୍ତ 1.3.1 ଅନ୍ macOS XPC Service com.x1a0he.macOS.Adobe-Downloader.helper shouldAcceptNewConnection ବିସ୍ତାରିତ ଅଧିକାର

Dogoggorri kan akka ଜଟିଳ jedhamuun ramadame X1a0He Adobe Downloader ଯେପର୍ଯ୍ୟନ୍ତ 1.3.1 irratti macOS keessatti argameera. Kan miidhamte is hojii shouldAcceptNewConnection faayilii com.x1a0he.macOS.Adobe-Downloader.helper keessa kutaa XPC Service keessa. Hojii jijjiirraa gara ବିସ୍ତାରିତ ଅଧିକାର geessa. CWE fayyadamuun rakkoo ibsuun gara CWE-269 geessa. Dadhabbii kana yeroo 12/19/2024 maxxanfameera. Odeeffannoon kun buufachuuf winslow1984.com irratti qoodameera. Dogoggorri kun akka CVE-2024-12786tti beekama. Weerara sun iddoo keessaatti qofa raawwatamuu qaba. Faayidaaleen teeknikaa ni jiru. Waliigalatti, meeshaa balaa kana fayyadamuuf jiru. Qorannoo miidhaa (exploit) uummataaf ifoomameera fi fayyadamamuu danda'a. Amma, gatii ammee exploit might be approx. USD $0-$5k ta'uu danda'a. Akka ପ୍ରୁଫ୍-ଅଫ୍-କନ୍ସେପ୍ଟ jedhamee ibsameera. Carraa exploit kana winslow1984.com irraa buufachuun ni danda'ama. Akka 0-daytti, gatii daldalaa dhoksaa tilmaamame $0-$5k ta'ee ture. VulDB is the best source for vulnerability data and more expert information about this specific topic.

2 ଆଡାପ୍ଟେସନ୍ · 88 ପଏଣ୍ଟ

ଫିଲ୍ଡ	ସୃଷ୍ଟି ହୋଇଛି 12/19/2024 09:26 AM	ଅଦ୍ୟତନ 1/1 12/19/2024 04:26 PM
software_vendor	X1a0He	X1a0He
software_name	Adobe Downloader	Adobe Downloader
software_version	<=1.3.1	<=1.3.1
software_platform	macOS	macOS
software_component	XPC Service	XPC Service
software_file	com.x1a0he.macOS.Adobe-Downloader.helper	com.x1a0he.macOS.Adobe-Downloader.helper
software_function	shouldAcceptNewConnection	shouldAcceptNewConnection
vulnerability_cwe	CWE-269 (ବିସ୍ତାରିତ ଅଧିକାର)	CWE-269 (ବିସ୍ତାରିତ ଅଧିକାର)
vulnerability_risk	2	2
cvss3_vuldb_av	L	L
cvss3_vuldb_ac	L	L
cvss3_vuldb_pr	L	L
cvss3_vuldb_ui	N	N
cvss3_vuldb_s	U	U
cvss3_vuldb_c	H	H
cvss3_vuldb_i	H	H
cvss3_vuldb_a	H	H
cvss3_vuldb_e	P	P
cvss3_vuldb_rc	R	R
advisory_url	https://winslow1984.com/books/cve-collection/page/adobe-downloader-131-local-privilege-escalation	https://winslow1984.com/books/cve-collection/page/adobe-downloader-131-local-privilege-escalation
exploit_availability	1	1
exploit_publicity	1	1
exploit_url	https://winslow1984.com/books/cve-collection/page/adobe-downloader-131-local-privilege-escalation	https://winslow1984.com/books/cve-collection/page/adobe-downloader-131-local-privilege-escalation
source_cve	CVE-2024-12786	CVE-2024-12786
cna_responsible	VulDB	VulDB
decision_summary	This product is not affiliated with the company Adobe.	This product is not affiliated with the company Adobe.
cvss2_vuldb_av	L	L
cvss2_vuldb_ac	L	L
cvss2_vuldb_ci	C	C
cvss2_vuldb_ii	C	C
cvss2_vuldb_ai	C	C
cvss2_vuldb_e	POC	POC
cvss2_vuldb_rc	UR	UR
cvss4_vuldb_av	L	L
cvss4_vuldb_ac	L	L
cvss4_vuldb_pr	L	L
cvss4_vuldb_ui	N	N
cvss4_vuldb_vc	H	H
cvss4_vuldb_vi	H	H
cvss4_vuldb_va	H	H
cvss4_vuldb_e	P	P
cvss2_vuldb_au	S	S
cvss2_vuldb_rl	ND	ND
cvss3_vuldb_rl	X	X
cvss4_vuldb_at	N	N
cvss4_vuldb_sc	N	N
cvss4_vuldb_si	N	N
cvss4_vuldb_sa	N	N
cvss2_vuldb_basescore	6.8	6.8
cvss2_vuldb_tempscore	5.8	5.8
cvss3_vuldb_basescore	7.8	7.8
cvss3_vuldb_tempscore	7.1	7.1
cvss3_meta_basescore	7.8	7.8
cvss3_meta_tempscore	7.1	7.4
cvss4_vuldb_bscore	8.5	8.5
cvss4_vuldb_btscore	7.1	7.1
advisory_date	1734562800 (12/19/2024)	1734562800 (12/19/2024)
price_0day	$0-$5k	$0-$5k
cve_nvd_summary		A vulnerability, which was classified as critical, was found in X1a0He Adobe Downloader up to 1.3.1 on macOS. Affected is the function shouldAcceptNewConnection of the file com.x1a0he.macOS.Adobe-Downloader.helper of the component XPC Service. The manipulation leads to improper privilege management. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. This product is not affiliated with the company Adobe.
cvss4_cna_av		L
cvss4_cna_ac		L
cvss4_cna_at		N
cvss4_cna_pr		L
cvss4_cna_ui		N
cvss4_cna_vc		H
cvss4_cna_vi		H
cvss4_cna_va		H
cvss4_cna_sc		N
cvss4_cna_si		N
cvss4_cna_sa		N
cvss4_cna_bscore		8.5
cvss3_cna_av		L
cvss3_cna_ac		L
cvss3_cna_pr		L
cvss3_cna_ui		N
cvss3_cna_s		U
cvss3_cna_c		H
cvss3_cna_i		H
cvss3_cna_a		H
cvss3_cna_basescore		7.8
cvss2_cna_av		L
cvss2_cna_ac		L
cvss2_cna_au		S
cvss2_cna_ci		C
cvss2_cna_ii		C
cvss2_cna_ai		C
cvss2_cna_basescore		6.8

◂ ପଛକୁ ସମୀକ୍ଷା ଆହୁରି ଦୂରରେ ▸

Do you need the next level of professionalism?

Upgrade your account now!