Lucene search

[email protected]CVE-2012-2179

HistoryJun 22, 2012 - 10:24 a.m.

CVE-2012-2179

2012-06-2210:24:07

CWE-264

[email protected]

web.nvd.nist.gov

ibm aix

cve-2012-2179

libodm.a

symlink attack

nvd

6.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

5.8 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

libodm.a in IBM AIX 5.3, 6.1, and 7.1 allows local users to overwrite arbitrary files via a symlink attack on a temporary file.

Affected configurations

NVD

Node

ibmaixMatch5.3

ibmaixMatch6.1

ibmaixMatch7.1

CPENameOperatorVersion
ibm:aixibm aixeq5.3
ibm:aixibm aixeq6.1
ibm:aixibm aixeq7.1

CPE	Name	Operator	Version
ibm:aix	ibm aix	eq	5.3
ibm:aix	ibm aix	eq	6.1
ibm:aix	ibm aix	eq	7.1

References

aix.software.ibm.com/aix/efixes/security/libodm_advisory.asc

www.ibm.com/support/docview.wss?uid=isg1IV21379

www.ibm.com/support/docview.wss?uid=isg1IV21381

www.ibm.com/support/docview.wss?uid=isg1IV21382

www.ibm.com/support/docview.wss?uid=isg1IV21383

www.ibm.com/support/docview.wss?uid=isg1IV22019

www.osvdb.org/83133

www.securitytracker.com/id?1027193

exchange.xforce.ibmcloud.com/vulnerabilities/75510

Social References

6.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

5.8 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2012-2179

cvelist2 nvd2 nessus14 prion2 aix1 packetstorm1 attackerkb1 exploitpack1 securityvulns1 cve1 seebug1 exploitdb1