CVE-2005-1842 - Vulnerability Details - OpenCVE

VCNative for Adobe Version Cue 1.0 and 1.0.1, as used in Creative Suite 1.0 and 1.3, and when running on Mac OS X with Version Cue Workspace, creates temporary log files with predictable names, which allows local users to modify arbitrary files via a symlink attack.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Adobe	Version Cue

Configuration 1 [-]

OR	cpe:2.3:a:adobe:version_cue:1.0:::::::*
	cpe:2.3:a:adobe:version_cue:1.0.1:::::::*

No data.

References

Link	Providers
http://secunia.com/advisories/16541
http://securitytracker.com/id?1014776
http://www.adobe.com/support/techdocs/327129.html
http://www.idefense.com/application/poi/display?id=297&type=vulnerabilities
http://www.securityfocus.com/bid/14638

History

Sun, 13 Jul 2025 13:45:00 +0000

Type	Values Removed	Values Added
Metrics	epss `{'score': 0.00255}`	epss `{'score': 0.00296}`

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2005-08-24T04:00:00

Updated: 2024-08-07T22:06:57.470Z

Reserved: 2005-06-03T00:00:00

Link: CVE-2005-1842

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2005-08-24T04:00:00.000

Modified: 2025-04-03T01:03:51.193

Link: CVE-2005-1842

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2005-08-11T00:00:00", "descriptions": [{"lang": "en", "value": "VCNative for Adobe Version Cue 1.0 and 1.0.1, as used in Creative Suite 1.0 and 1.3, and when running on Mac OS X with Version Cue Workspace, creates temporary log files with predictable names, which allows local users to modify arbitrary files via a symlink attack."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2005-09-03T09:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "14638", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/14638"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.adobe.com/support/techdocs/327129.html"}, {"name": "1014776", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1014776"}, {"name": "20050829 Adobe Version Cue VCNative Arbitrary File Overwrite Vulnerability", "tags": ["third-party-advisory", "x_refsource_IDEFENSE"], "url": "http://www.idefense.com/application/poi/display?id=297&type=vulnerabilities"}, {"name": "16541", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/16541"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2005-1842", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "VCNative for Adobe Version Cue 1.0 and 1.0.1, as used in Creative Suite 1.0 and 1.3, and when running on Mac OS X with Version Cue Workspace, creates temporary log files with predictable names, which allows local users to modify arbitrary files via a symlink attack."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "14638", "refsource": "BID", "url": "http://www.securityfocus.com/bid/14638"}, {"name": "http://www.adobe.com/support/techdocs/327129.html", "refsource": "CONFIRM", "url": "http://www.adobe.com/support/techdocs/327129.html"}, {"name": "1014776", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1014776"}, {"name": "20050829 Adobe Version Cue VCNative Arbitrary File Overwrite Vulnerability", "refsource": "IDEFENSE", "url": "http://www.idefense.com/application/poi/display?id=297&type=vulnerabilities"}, {"name": "16541", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/16541"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T22:06:57.470Z"}, "title": "CVE Program Container", "references": [{"name": "14638", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/14638"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.adobe.com/support/techdocs/327129.html"}, {"name": "1014776", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://securitytracker.com/id?1014776"}, {"name": "20050829 Adobe Version Cue VCNative Arbitrary File Overwrite Vulnerability", "tags": ["third-party-advisory", "x_refsource_IDEFENSE", "x_transferred"], "url": "http://www.idefense.com/application/poi/display?id=297&type=vulnerabilities"}, {"name": "16541", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/16541"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2005-1842", "datePublished": "2005-08-24T04:00:00", "dateReserved": "2005-06-03T00:00:00", "dateUpdated": "2024-08-07T22:06:57.470Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:adobe:version_cue:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "ABD4E1CD-8226-4308-8B6F-65B7AFB1CE32", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:version_cue:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "7ABC546A-EE59-47E3-A0F0-9210050121D6", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "VCNative for Adobe Version Cue 1.0 and 1.0.1, as used in Creative Suite 1.0 and 1.3, and when running on Mac OS X with Version Cue Workspace, creates temporary log files with predictable names, which allows local users to modify arbitrary files via a symlink attack."}], "id": "CVE-2005-1842", "lastModified": "2025-04-03T01:03:51.193", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2005-08-24T04:00:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/16541"}, {"source": "cve@mitre.org", "url": "http://securitytracker.com/id?1014776"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.adobe.com/support/techdocs/327129.html"}, {"source": "cve@mitre.org", "url": "http://www.idefense.com/application/poi/display?id=297&type=vulnerabilities"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/14638"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/16541"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1014776"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.adobe.com/support/techdocs/327129.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.idefense.com/application/poi/display?id=297&type=vulnerabilities"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/14638"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}