CVE-2005-1307
CVE-2005-1307
The (1) stopserver.sh and (2) startserver.sh scripts in Adobe Version Cue on Mac OS X uses the current working directory to find and execute the productname.sh script, which allows local users to execute arbitrary code by copying and calling the scripts from a user-controlled directory.
Affected products
n/a · n/apublic PoCs found — 1
exploitdbwww.exploit-db.com/exploits/680unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://archives.neohapsis.com/archives/bugtraq/2004-12/0040.htmlhttp://marc.info/?l=bugtraq&m=111627622403544&w=2http://secunia.com/advisories/13399http://securitytracker.com/id?1012446https://exchange.xforce.ibmcloud.com/vulnerabilities/18445http://www.adobe.com/support/techdocs/331621.htmlhttp://www.osvdb.org/12297http://www.osvdb.org/12298http://www.securiteam.com/exploits/5EP0D20FQC.htmlhttp://www.securityfocus.com/bid/11833