• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Adobe Version Cue for Mac OS X Local Privilege Escalation Vulnerabilities

Adobe Version Cue for Mac OS X is prone to two local privilege-escalation vulnerabilities that could allow a local attacker to load arbitrary libraries or overwrite files.

The first issue (CAN-2005-1842) allows a local user to overwrite arbitrary files in the context of the superuser through the VCNative application. This vulnerability permits privilege escalation, because files may be overwritten with custom data.

The second issue (CAN-2005-1843) allows a local user to load arbitrary libraries in the context of the superuser through the VCNative application. This will permit privilege escalation.

Adobe Version Cue 1.0 and 1.0.1 are vulnerable to this issue.