Exploitation Summary
EIP tracks 1 public exploit for CVE-2005-1307. PoCs published by Jonathan Bringhurst.
AI-analyzed exploit summary This exploit leverages a symlink vulnerability in Adobe Version Cue's stopserver.sh script to execute arbitrary commands as root. The PoC creates a malicious script and symlinks it to the vulnerable script, leading to privilege escalation.
Description
The (1) stopserver.sh and (2) startserver.sh scripts in Adobe Version Cue on Mac OS X uses the current working directory to find and execute the productname.sh script, which allows local users to execute arbitrary code by copying and calling the scripts from a user-controlled directory.
Exploits (1)
This exploit leverages a symlink vulnerability in Adobe Version Cue's stopserver.sh script to execute arbitrary commands as root. The PoC creates a malicious script and symlinks it to the vulnerable script, leading to privilege escalation.