CVE-2004-1054 in AIXinfo

Summary

untrusted execution path vulnerability in invscout in ibm aix 5.1.0 5.2.0 and 5.3.0 allows local users to gain privileges by modifying the path environment variable to point to a malicious "uname" program which is executed from lsvpd after lsvpd has been invoked by invscout.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Reservation

11/18/2004

Disclosure

01/10/2005

Moderation

VulDB entry created

Entries

1: VDB-23670

CPE

ready

CWE

Unknown

Exploit

Download

CVSS

8.4

EPSS

0.00360

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2004-1054
NVD	https://nvd.nist.gov/vuln/detail/CVE-2004-1054
CVE Details	https://www.cvedetails.com/cve/CVE-2004-1054/

◂ Previous Overview Next ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!