CVE-2006-1246

Sažetak

Unspecified vulnerability in mklvcopy in BOS.RTE.LVM in IBM AIX 5.3 allows local users to execute arbitrary commands when mklvcopy calls external commands, possibly due to an untrusted search path vulnerability.

Reference

http://attrition.org/pipermail/vim/2006-March/000641.html
http://secunia.com/advisories/19235
http://securitytracker.com/id?1015786
http://www.nsfocus.com/english/homepage/research/0602.htm
http://www.osvdb.org/23921
http://www.securityfocus.com/bid/17115
http://www.vupen.com/english/advisories/2006/0957
http://www-1.ibm.com/support/docview.wss?uid=isg1IY82739
https://exchange.xforce.ibmcloud.com/vulnerabilities/25299
https://exchange.xforce.ibmcloud.com/vulnerabilities/25849

CVSS

Base:	7.2
Impact:	10.0
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:L/AC:L/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

20-07-2017 - 01:30

Objavljeno

17-03-2006 - 11:02