Lucene search

MitreCVE-2006-2647

HistoryMay 30, 2006 - 10:02 a.m.

CVE-2006-2647

2006-05-3010:02:00

mitre

web.nvd.nist.gov

ibm aix

cve-2006-2647

update_flash

vulnerability

local users

nvd

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.1

Confidence

High

EPSS

Percentile

9.8%

JSON

Untrusted search path vulnerability in update_flash for IBM AIX 5.1, 5.2 and 5.3 allows local users to execute arbitrary commands via unknown vectors involving lsmcode and possibly other commands.

Affected configurations

Nvd

Node

ibmaixMatch5.1

ibmaixMatch5.2

ibmaixMatch5.3

VendorProductVersionCPE
ibmaix5.1cpe:2.3:o:ibm:aix:5.1:*:*:*:*:*:*:*
ibmaix5.2cpe:2.3:o:ibm:aix:5.2:*:*:*:*:*:*:*
ibmaix5.3cpe:2.3:o:ibm:aix:5.3:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	aix	5.1	cpe:2.3:o:ibm:aix:5.1:::::::*
ibm	aix	5.2	cpe:2.3:o:ibm:aix:5.2:::::::*
ibm	aix	5.3	cpe:2.3:o:ibm:aix:5.3:::::::*

References

secunia.com/advisories/20325

securitytracker.com/id?1016166

www-1.ibm.com/support/search.wss?rs=0&q=IY85517&apar=only

www-1.ibm.com/support/search.wss?rs=0&q=IY85518&apar=only

www-1.ibm.com/support/search.wss?rs=0&q=IY88524&apar=only

www.securityfocus.com/bid/18114

www.vupen.com/english/advisories/2006/2007

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.1

Confidence

High

EPSS

Percentile

9.8%

JSON

Related for CVE-2006-2647