2 matches found
CVE-2007-0392
IBM AIX 5.3 does not properly verify the status of file descriptors before setuid execution, which allows local users to gain privileges by closing file descriptor 0, 1, or 2 and then invoking a setuid program, a variant of CVE-2002-0572...
CVE-2007-0392
CVE-2007-0392 affects IBM AIX 5.3. The issue is a failure to properly verify the status of file descriptors before setuid execution, enabling local privilege escalation by closing FD 0, 1, or 2 and then running a setuid program. Descriptions from connected sources identify this as a variant of CV...