Lucene search

K

PRIOn knowledge basePRION:CVE-2014-3977

HistoryJun 08, 2014 - 11:55 p.m.

Design/Logic Flaw

2014-06-0823:55:00

PRIOn knowledge base

www.prio-n.com

5

6.2 Medium

AI Score

Confidence

Low

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.4%

libodm.a in IBM AIX 6.1 and 7.1, and VIOS 2.2.x, allows local users to overwrite arbitrary files via a symlink attack on a temporary file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-2179.

CPENameOperatorVersion
aixeq7.1
aixeq6.1
vioseq2.2.0.13
vioseq2.2.1.0
vioseq2.2.0.11
vioseq2.2.0.12
vioseq2.2.1.1
vioseq2.2.1.3
vioseq2.2.0.10
vioseq2.2.3.2

Rows per page:

1-10 of 191

References

aix.software.ibm.com/aix/efixes/security/libodm_advisory.asc

packetstormsecurity.com/files/127067/IBM-AIX-6.1.8-Privilege-Escalation.html

www.ibm.com/support/docview.wss?uid=isg1IV60299

www.ibm.com/support/docview.wss?uid=isg1IV60303

www.ibm.com/support/docview.wss?uid=isg1IV60311

www.ibm.com/support/docview.wss?uid=isg1IV60312

www.ibm.com/support/docview.wss?uid=isg1IV60313

www.ibm.com/support/docview.wss?uid=isg1IV60314

www.securitytracker.com/id/1030401

exchange.xforce.ibmcloud.com/vulnerabilities/93595

www.exploit-db.com/exploits/33725

www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-3977/

6.2 Medium

AI Score

Confidence

Low

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.4%

Related for PRION:CVE-2014-3977

aix1 nessus20 exploitpack1 securityvulns2 seebug1 cve2 cvelist2 packetstorm1 attackerkb1 exploitdb1 zdt1 prion1