Filtered by vendor Corel Subscriptions
Filtered by product Getplus Download Manager Subscriptions
Total 1 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2009-2564 3 Adobe, Corel, Nos Microsystems 3 Acrobat Reader, Getplus Download Manager, Getplus Download Manager 2024-11-21 N/A
NOS Microsystems getPlus Download Manager, as used in Adobe Reader 1.6.2.36 and possibly other versions, Corel getPlus Download Manager before 1.5.0.48, and possibly other products, installs NOS\bin\getPlus_HelperSvc.exe with insecure permissions (Everyone:Full Control), which allows local users to gain SYSTEM privileges by replacing getPlus_HelperSvc.exe with a Trojan horse program, as demonstrated by use of getPlus Download Manager within Adobe Reader. NOTE: within Adobe Reader, the scope of this issue is limited because the program is deleted and the associated service is not automatically launched after a successful installation and reboot.