CRITICAL:
Less critical
IMPACT:
Privilege escalation
WHERE:
Local system
SOFTWARE:
Macromedia Studio MX 2004
Macromedia Flash MX Professional 2004
Macromedia Flash MX 2004
Macromedia Fireworks MX 2004
Macromedia Dreamweaver MX 2004
Macromedia Contribute 2
DESCRIPTION:
Chris Irvine has discovered a vulnerability in Macromedia MX 2004
products, which can be exploited by malicious, local users to
escalate their privileges.
The problem is that the setuid root file "Library/Application
Support/Macrovision/AuthenticationService" is writable by "other".
This can be exploited to execute arbitrary code with the privileges
of a user using the affected products by overwriting the file.
The vulnerability affect Macromedia MX 2004 products and Contribute 2
running on the Mac OS X platform.
SOLUTION:
Apply updates.
English:
http://download.macromedia.com/pub/updates/licensing/hotfix/osx_upgrades_1_039en.dmg
http://secunia.com/advisories/11123/

Chowhound
Comic Vine
GameFAQs
GameSpot
Giant Bomb
TechRepublic