The (1) stopserver.sh and (2) startserver.sh scripts in Adobe Version Cue on Mac OS X uses the current working directory to find and execute the productname.sh script, which allows local users to execute arbitrary code by copying and calling the scripts from a user-controlled directory.
References
Information
Published : 2005-05-16 21:00
Updated : 2017-07-10 18:32
NVD link : CVE-2005-1307
Mitre link : CVE-2005-1307
JSON object : View
CWE
Products Affected
apple
- mac_os_x
adobe
- version_cue