Vulnerabilities > CVE-2005-1307 - Local Privilege Escalation vulnerability in Adobe Version Cue
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
The (1) stopserver.sh and (2) startserver.sh scripts in Adobe Version Cue on Mac OS X uses the current working directory to find and execute the productname.sh script, which allows local users to execute arbitrary code by copying and calling the scripts from a user-controlled directory.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 | |
| OS | 1 |
Exploit-Db
| description | Mac OS X Adobe Version Cue Local Root Exploit. CVE-2005-1307. Local exploit for osx platform |
| id | EDB-ID:680 |
| last seen | 2016-01-31 |
| modified | 2004-12-08 |
| published | 2004-12-08 |
| reporter | Jonathan Bringhurst |
| source | https://www.exploit-db.com/download/680/ |
| title | Mac OS X Adobe Version Cue - Local Root Exploit |
References
- http://archives.neohapsis.com/archives/bugtraq/2004-12/0040.html
- http://marc.info/?l=bugtraq&m=111627622403544&w=2
- http://secunia.com/advisories/13399
- http://securitytracker.com/id?1012446
- http://www.adobe.com/support/techdocs/331621.html
- http://www.osvdb.org/12297
- http://www.osvdb.org/12298
- http://www.securiteam.com/exploits/5EP0D20FQC.html
- http://www.securityfocus.com/bid/11833
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18445