Security Tracker has issued details of a vulnerability in Adobe Version Cue.
The vulnerability means a local user can obtain root privileges on the target system. This means a local user can create specially crafted scripts and modify the current path to point to the directory containing those scripts. Then, when Adobe Version Cue is started or stopped, the scripts will run with root user privileges, explains Security Tracker.
Adobe has not yet issued a solution, but a temporary workaround is offered that disables some Adobe Version Cue functions. This is included with the details on the Security Tracker site.
Version Cue is a feature of Adobe's Creative Suite that helps users find files, track multiple versions of files, and share files for creative collaboration.