CVE-2004-1329

2004-12-20T05:00:00
ID CVE-2004-1329
Type cve
Reporter cve@mitre.org
Modified 2018-10-19T15:30:00

Description

Untrusted execution path vulnerability in the diag commands (1) lsmcode, (2) diag_exec, (3) invscout, and (4) invscoutd in AIX 5.1 through 5.3 allows local users to execute arbitrary programs by modifying the DIAGNOSTICS environment variable to point to a malicious Dctrl program.