Untrusted execution path vulnerability in the diag commands (1) lsmcode, (2) diag_exec, (3) invscout, and (4) invscoutd in AIX 5.1 through 5.3 allows local users to execute arbitrary programs by modifying the DIAGNOSTICS environment variable to point to a malicious Dctrl program.
References
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2004-12-20 05:00
Updated : 2024-02-28 10:24
NVD link : CVE-2004-1329
Mitre link : CVE-2004-1329
CVE.ORG link : CVE-2004-1329
JSON object : View
Products Affected
ibm
- aix
CWE