Lucene search

IbmCVE-2012-2179

HistoryJun 22, 2012 - 10:24 a.m.

CVE-2012-2179

2012-06-2210:24:07

CWE-264

ibm

web.nvd.nist.gov

ibm aix

cve-2012-2179

libodm.a

symlink attack

nvd

CVSS2

6.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

AI Score

5.8

Confidence

Low

EPSS

Percentile

5.1%

JSON

libodm.a in IBM AIX 5.3, 6.1, and 7.1 allows local users to overwrite arbitrary files via a symlink attack on a temporary file.

Affected configurations

Nvd

Node

ibmaixMatch5.3

ibmaixMatch6.1

ibmaixMatch7.1

VendorProductVersionCPE
ibmaix5.3cpe:2.3:o:ibm:aix:5.3:*:*:*:*:*:*:*
ibmaix6.1cpe:2.3:o:ibm:aix:6.1:*:*:*:*:*:*:*
ibmaix7.1cpe:2.3:o:ibm:aix:7.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	aix	5.3	cpe:2.3:o:ibm:aix:5.3:::::::*
ibm	aix	6.1	cpe:2.3:o:ibm:aix:6.1:::::::*
ibm	aix	7.1	cpe:2.3:o:ibm:aix:7.1:::::::*

References

aix.software.ibm.com/aix/efixes/security/libodm_advisory.asc

www.ibm.com/support/docview.wss?uid=isg1IV21379

www.ibm.com/support/docview.wss?uid=isg1IV21381

www.ibm.com/support/docview.wss?uid=isg1IV21382

www.ibm.com/support/docview.wss?uid=isg1IV21383

www.ibm.com/support/docview.wss?uid=isg1IV22019

www.osvdb.org/83133

www.securitytracker.com/id?1027193

exchange.xforce.ibmcloud.com/vulnerabilities/75510

Social References

CVSS2

6.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

AI Score

5.8

Confidence

Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2012-2179