A Privilege Escalation vulnerability exists in Viscosity 1.4.1 on Mac OS X due to a path name validation issue in the setuid-set ViscosityHelper binary, which could let a remote malicious user execute arbitrary code
References
Link | Resource |
---|---|
http://www.exploit-db.com/exploits/24579 | Exploit Third Party Advisory VDB Entry |
http://www.securityfocus.com/bid/55002 | Third Party Advisory VDB Entry |
https://packetstormsecurity.com/files/120643/Viscosity-setuid-set-ViscosityHelper-Privilege-Escalation.html | Exploit Third Party Advisory VDB Entry |
https://www.sparklabs.com/viscosity/releasenotes/mac/ | Release Notes Vendor Advisory |
http://www.exploit-db.com/exploits/24579 | Exploit Third Party Advisory VDB Entry |
http://www.securityfocus.com/bid/55002 | Third Party Advisory VDB Entry |
https://packetstormsecurity.com/files/120643/Viscosity-setuid-set-ViscosityHelper-Privilege-Escalation.html | Exploit Third Party Advisory VDB Entry |
https://www.sparklabs.com/viscosity/releasenotes/mac/ | Release Notes Vendor Advisory |
Configurations
History
21 Nov 2024, 01:42
Type | Values Removed | Values Added |
---|---|---|
References | () http://www.exploit-db.com/exploits/24579 - Exploit, Third Party Advisory, VDB Entry | |
References | () http://www.securityfocus.com/bid/55002 - Third Party Advisory, VDB Entry | |
References | () https://packetstormsecurity.com/files/120643/Viscosity-setuid-set-ViscosityHelper-Privilege-Escalation.html - Exploit, Third Party Advisory, VDB Entry | |
References | () https://www.sparklabs.com/viscosity/releasenotes/mac/ - Release Notes, Vendor Advisory |
Information
Published : 2020-01-10 20:15
Updated : 2024-11-21 01:42
NVD link : CVE-2012-4284
Mitre link : CVE-2012-4284
CVE.ORG link : CVE-2012-4284
JSON object : View
Products Affected
sparklabs
- viscosity
CWE