Vulnerability Details CVE-2009-2564
NOS Microsystems getPlus Download Manager, as used in Adobe Reader 1.6.2.36 and possibly other versions, Corel getPlus Download Manager before 1.5.0.48, and possibly other products, installs NOS\bin\getPlus_HelperSvc.exe with insecure permissions (Everyone:Full Control), which allows local users to gain SYSTEM privileges by replacing getPlus_HelperSvc.exe with a Trojan horse program, as demonstrated by use of getPlus Download Manager within Adobe Reader. NOTE: within Adobe Reader, the scope of this issue is limited because the program is deleted and the associated service is not automatically launched after a successful installation and reboot.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 50.5%
CVSS Severity
CVSS v2 Score 7.2
Products affected by CVE-2009-2564
-
cpe:2.3:a:adobe:acrobat_reader:9.0
-
cpe:2.3:a:adobe:acrobat_reader:9.1
-
cpe:2.3:a:corel:getplus_download_manager:1.5.0.48
-
cpe:2.3:a:nos_microsystems:getplus_download_manager:1.6.2.36