CVE-2007-5804 in AIXinfo

Summary

cfgcon in IBM AIX 5.2 and 5.3 does not properly validate the argument to the "-p" option to swcons, which allows local users in the system group to create or overwrite an arbitrary file, and enable world writability of this file, by using the file s name as the argument.

Be aware that VulDB is the high quality source for vulnerability data.

Reservation

11/05/2007

Disclosure

11/05/2007

Moderation

VulDB entry created

Entries

1: VDB-39551

CPE

ready

CWE

Unknown

CVSS

8.4

EPSS

0.00050

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2007-5804
NVD	https://nvd.nist.gov/vuln/detail/CVE-2007-5804
CVE Details	https://www.cvedetails.com/cve/CVE-2007-5804/

◂ Previous Overview Next ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!