CVE-2009-2564

Exp

NOS Microsystems getPlus Download Manager, as used in Adobe Reader 1.6.2.36 and possibly other versions, Corel getPlus Download Manager before 1.5.0.48, and possibly other products, installs NOS\bin\getPlus_HelperSvc.exe with insecure permissions (Everyone:Full Control), which allows local users to gain SYSTEM privileges by replacing getPlus_HelperSvc.exe with a Trojan horse program, as demonstrated by use of getPlus Download Manager within Adobe Reader. NOTE: within Adobe Reader, the scope of this issue is limited because the program is deleted and the associated service is not automatically launched after a successful installation and reboot.

Published: 2009-07-21 Last update: 2026-04-23 Assigner: [email protected] Source: [email protected]
NVD Status:ModifiedCVE State: published
View at NVD, CVE.org, EUVD

CVE-2009-2564 is rated High Exploit Risk (81/100): CVSS High severity, with high exploitation likelihood (EPSS 5.60%, 92th percentile). 4 public exploit reference(s) are indexed (Exploit-DB). EPSS rose +5.32% over the last day, indicating growing attacker interest. Public exploits are available—assess exposure, apply mitigations, and prioritize patching.

Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.

Public exploit references (Exploit-DB) for CVE-2009-2564

EDB-ID Source Kind Published Link
9223 exploit_db edb 2009-07-21 Exploit-DB ↗
9199 exploit_db edb 2009-07-20 Exploit-DB ↗
nvd_ref exploit_tag Exploit-DB ↗
nvd_ref exploit_tag Exploit-DB ↗

Exploit prediction scoring system (EPSS) score for CVE-2009-2564

EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).

# Date Old EPSS score New EPSS score Delta (New - Old)
1 2026-06-15 0.27% 5.60% +5.32%
2 2025-04-23 0.18% 0.27% +0.10%
3 2025-03-30 0.18%

Full EPSS history (9 records total)

Common vulnerability scoring system (CVSS) metrics for CVE-2009-2564

CVSS metrics for this CVE.

Base score Version Severity Vector Exploitability Impact Score source
7.2 2.0 HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C Click to expand
Access vector (AV:L)
Requires local access to the target system.
Access complexity (AC:L)
Exploitation conditions are straightforward and predictable.
Authentication (AU:N)
No authentication is required.
Confidentiality impact (C:C)
Complete confidentiality impact.
Integrity impact (I:C)
Complete integrity impact.
Availability impact (A:C)
Complete availability impact.
 3.9 10.0 [email protected]

Weakness enumeration for CVE-2009-2564

Affected software / configurations for CVE-2009-2564

Vendor Product Version Raw CPE
nos_microsystems getplus_download_manager 1.6.2.36 cpe:2.3:a:nos_microsystems:getplus_download_manager:1.6.2.36:*:*:*:*:*:*:*
adobe acrobat_reader 9.0 cpe:2.3:a:adobe:acrobat_reader:9.0:*:*:*:*:*:*:*
adobe acrobat_reader 9.1 cpe:2.3:a:adobe:acrobat_reader:9.1:*:*:*:*:*:*:*
corel getplus_download_manager 1.5.0.48 cpe:2.3:a:corel:getplus_download_manager:1.5.0.48:*:*:*:*:*:*:*

References for CVE-2009-2564

URL Tags
http://blogs.adobe.com/psirt/2009/07/local_privilege_escalation_in.html
http://retrogod.altervista.org/9sg_adobe_local.html Exploit
http://secunia.com/advisories/35930 Vendor Advisory
http://secunia.com/advisories/36331 Vendor Advisory
http://securitytracker.com/id?1023007
http://www.adobe.com/support/security/bulletins/apsb09-15.html
http://www.exploit-db.com/exploits/9199
http://www.securityfocus.com/archive/1/505095/100/0/threaded
http://www.securityfocus.com/bid/35740 Exploit
http://www.us-cert.gov/cas/techalerts/TA09-286B.html US Government Resource
http://www.vupen.com/english/advisories/2009/1969 Vendor Advisory
http://www.vupen.com/english/advisories/2009/2898 Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/54383
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5719
cvelogic Threat Intelligence