The (1) stopserver.sh and (2) startserver.sh scripts in Adobe Version Cue on Mac OS X use the current working directory to find and execute the productname.sh script, which allows local users to execute arbitrary code by copying and calling the scripts from a user-controlled directory.
Adobe Version Cue stopserver.sh PATH Subversion Local Privilege Escalation
Local Access Required
Loss of Integrity
Adobe Version Cue contains a flaw that may allow a malicious user to gain unauthorized privileges. The issue is triggered when the script "stopserver.sh" is executed while a malicious script named "productname.sh" is present in the current directory. This flaw may lead to a loss of integrity.
Currently, there are no known upgrades or patches to correct this issue. It is possible to correct the flaw by implementing the following workaround(s): Remove the setuid bit from "stopserver.sh" in "/Applications/Adobe Version Cue/", which may affect functionality.
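The following audit script is an added example, not Adobe's code and not part of the original advisory. It flags a script that combines the two conditions described above, a setuid bit and a helper called through a path relative to the current working directory. The sample script contents, the function names and the /opt/example path are constructed for illustration.

```shell
#!/bin/sh
# Added example (not Adobe's code): audit a script for the two conditions
# the advisory combines: a setuid bit and a CWD-relative helper call.

# Print lines that source or run a *.sh helper via a CWD-relative path
# ("./x.sh", ". x.sh", "sh x.sh"). Absolute and "$DIR/..." paths are ignored.
cwd_relative_calls() {
    grep -nE '^[[:space:]]*((\.|source|sh|bash|exec)[[:space:]]+(\./)?|\./)[A-Za-z0-9_-]+\.sh' "$1"
}

# Classify one script: RISK (setuid + relative call), RELATIVE, SETUID or OK.
audit_script() {
    rel=no; suid=no
    cwd_relative_calls "$1" >/dev/null && rel=yes
    [ -u "$1" ] && suid=yes
    case "$rel$suid" in
        yesyes) echo RISK ;;
        yesno)  echo RELATIVE ;;
        noyes)  echo SETUID ;;
        *)      echo OK ;;
    esac
}

# Constructed samples: the file contents below are illustrative, not the
# real Version Cue scripts.
make_samples() {
    printf '%s\n' '#!/bin/sh' '. ./productname.sh' 'echo stopping' > "$1/vuln.sh"
    cp "$1/vuln.sh" "$1/relative_only.sh"
    chmod u+s "$1/vuln.sh"
    # Sample that names the helper by a fixed absolute path (placeholder path).
    printf '%s\n' '#!/bin/sh' '. /opt/example/productname.sh' > "$1/absolute.sh"
}

tmp=$(mktemp -d)
make_samples "$tmp"
for f in "$tmp"/*.sh; do
    printf '%s: %s\n' "${f##*/}" "$(audit_script "$f")"
done
rm -rf "$tmp"
```

Applying the workaround (chmod u-s) to a script reported as RISK moves it to RELATIVE: the relative lookup remains, but it no longer runs with the file owner's privileges.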