The (1) stopserver.sh and (2) startserver.sh scripts in Adobe Version Cue on Mac OS X uses the current working directory to find and execute the productname.sh script, which allows local users to execute arbitrary code by copying and calling the scripts from a user-controlled directory.
References
Configurations
History
No history.
Information
Published : 2005-05-17 04:00
Updated : 2024-02-28 10:42
NVD link : CVE-2005-1307
Mitre link : CVE-2005-1307
CVE.ORG link : CVE-2005-1307
JSON object : View
Products Affected
apple
- mac_os_x
adobe
- version_cue
CWE