3 matches found
iDEFENSE Security Advisory 08.29.05: Adobe Version Cue VCNative Arbitrary File Overwrite Vulnerability
Adobe Version Cue VCNative Arbitrary File Overwrite Vulnerability iDEFENSE Security Advisory 08.29.05 www.idefense.com/application/poi/display?id=297&type=vulnerabilities August 29, 2005 I. BACKGROUND Adobe Version Cue is a software version tracking system for Adobe products distributed with Adob...
CVE-2005-1842
VCNative for Adobe Version Cue 1.0 and 1.0.1, as used in Creative Suite 1.0 and 1.3, and when running on Mac OS X with Version Cue Workspace, creates temporary log files with predictable names, which allows local users to modify arbitrary files via a symlink attack...
CVE-2005-1842
Adobe Version Cue VCNative (VCNative) on Mac OS X (Version Cue 1.0/1.0.1; Creative Suite 1.0/1.3) uses a setuid root VCNative that writes log files with predictable names (e.g., VCNative-[pid].log) in the working directory. This enables a local attacker to perform a symlink attack that can overwr...