Vulnerabilities > CVE-2005-1307
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
The (1) stopserver.sh and (2) startserver.sh scripts in Adobe Version Cue on Mac OS X uses the current working directory to find and execute the productname.sh script, which allows local users to execute arbitrary code by copying and calling the scripts from a user-controlled directory.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 | |
| OS | 1 |
Exploit-Db
| description | Mac OS X Adobe Version Cue Local Root Exploit. CVE-2005-1307. Local exploit for osx platform |
| id | EDB-ID:680 |
| last seen | 2016-01-31 |
| modified | 2004-12-08 |
| published | 2004-12-08 |
| reporter | Jonathan Bringhurst |
| source | https://www.exploit-db.com/download/680/ |
| title | Mac OS X Adobe Version Cue - Local Root Exploit |
References
- http://archives.neohapsis.com/archives/bugtraq/2004-12/0040.html
- http://archives.neohapsis.com/archives/bugtraq/2004-12/0040.html
- http://marc.info/?l=bugtraq&m=111627622403544&w=2
- http://marc.info/?l=bugtraq&m=111627622403544&w=2
- http://secunia.com/advisories/13399
- http://secunia.com/advisories/13399
- http://securitytracker.com/id?1012446
- http://securitytracker.com/id?1012446
- http://www.adobe.com/support/techdocs/331621.html
- http://www.adobe.com/support/techdocs/331621.html
- http://www.osvdb.org/12297
- http://www.osvdb.org/12297
- http://www.osvdb.org/12298
- http://www.osvdb.org/12298
- http://www.securiteam.com/exploits/5EP0D20FQC.html
- http://www.securiteam.com/exploits/5EP0D20FQC.html
- http://www.securityfocus.com/bid/11833
- http://www.securityfocus.com/bid/11833
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18445
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18445