CVE-2005-1843

Adobe Version Cue 1.0-1.0.1 - Local Arbitrary Library Loading via -lib Command Line Argument

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2005-1843. PoCs published by vade79.

AI-analyzed exploit summary This exploit leverages a local privilege escalation vulnerability in Adobe Version Cue's VCNative program on macOS. It abuses the '-lib' command-line option to load a malicious bundle, which then sets the SUID bit on a rootshell binary, allowing the attacker to gain root privileges.

Description

VCNative for Adobe Version Cue 1.0 and 1.0.1, as used in Creative Suite 1.0 and 1.3, and when running on Mac OS X with Version Cue Workspace, allows local users to load arbitrary libraries and execute arbitrary code via the -lib command line argument.

Exploits (1)

exploitdb WORKING POC VERIFIED

by vade79 · clocalosx

https://www.exploit-db.com/exploits/1186

View Code ZIP pw:eip

This exploit leverages a local privilege escalation vulnerability in Adobe Version Cue's VCNative program on macOS. It abuses the '-lib' command-line option to load a malicious bundle, which then sets the SUID bit on a rootshell binary, allowing the attacker to gain root privileges.

Classification

Working Poc 95%

Attack Type

Lpe

Complexity

Moderate

Reliability

Reliable

Target: Adobe Version Cue VCNative (macOS)

No auth needed

Prerequisites: Adobe Version Cue installed with VCNative setuid root · GCC or compatible compiler available · Local access to the target system

MITRE ATT&CK