CVE-2007-3680

Опубликовано: 11 июл. 2007

Источник: nvd

CVSS2: 7.2

EPSS Низкий

Описание

Stack-based buffer overflow in the odm_searchpath function in libodm in IBM AIX 5.2.0 and 5.3.0 allows local users to execute arbitrary code via a long ODMPATH environment variable.

Ссылки

ftp://aix.software.ibm.com/aix/efixes/security/README
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=552
Patch
http://osvdb.org/36760
http://secunia.com/advisories/25970
Vendor Advisory
http://securitytracker.com/id?1018345
Vendor Advisory
http://www-1.ibm.com/support/docview.wss?uid=isg1IY97632
http://www.securityfocus.com/bid/24841
http://www.vupen.com/english/advisories/2007/2476
https://exchange.xforce.ibmcloud.com/vulnerabilities/35321
ftp://aix.software.ibm.com/aix/efixes/security/README
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=552
Patch
http://osvdb.org/36760
http://secunia.com/advisories/25970
Vendor Advisory
http://securitytracker.com/id?1018345
Vendor Advisory
http://www-1.ibm.com/support/docview.wss?uid=isg1IY97632
http://www.securityfocus.com/bid/24841
http://www.vupen.com/english/advisories/2007/2476
https://exchange.xforce.ibmcloud.com/vulnerabilities/35321

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:ibm:aix:5.2.0:*:*:*:*:*:*:*

cpe:2.3:o:ibm:aix:5.3.0:*:*:*:*:*:*:*

EPSS

Процентиль: 19%

0.00062

Низкий

7.2 High

CVSS2

Дефекты

CWE-119

Связанные уязвимости

GHSA-mj9m-wc42-qxgc

github

почти 4 года назад