CVE-2007-4353

{"id": "CVE-2007-4353", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.9, "accessVector": "LOCAL", "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "MEDIUM", "obtainAllPrivilege": true, "exploitabilityScore": 3.4, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2007-08-15T00:17:00.000", "references": [{"url": "ftp://aix.software.ibm.com/aix/efixes/security/README", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/26420", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IZ00531", "source": "cve@mitre.org"}, {"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IZ01433", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/25270", "source": "cve@mitre.org"}, {"url": "http://www.securitytracker.com/id?1018549", "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2007/2860", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35971", "source": "cve@mitre.org"}, {"url": "ftp://aix.software.ibm.com/aix/efixes/security/README", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/26420", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IZ00531", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IZ01433", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/25270", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securitytracker.com/id?1018549", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vupen.com/english/advisories/2007/2860", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35971", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Multiple buffer overflows in IBM AIX 5.2 and 5.3 allow local users in the system group to gain root privileges via unspecified vectors involving the (1) chpath, (2) rmpath, and (3) devinstall programs in bos.rte.methods."}, {"lang": "es", "value": "M\u00faltiples desbordamientos de b\u00fafer en IBM AIX 5.2 y 5.3 permiten a usuarios locales en el grupo system obtener privilegios de root mediante vectores no especificados involucrando los programas (1) chpath, (2) rmpath, y (3) devinstall en bos.rte.methods."}], "lastModified": "2024-11-21T00:35:23.327", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:ibm:aix:5.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "17EECCCB-D7D1-439A-9985-8FAE8B44487B"}, {"criteria": "cpe:2.3:o:ibm:aix:5.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EA8DDF4A-1C5D-4CB1-95B3-69EAE6572507"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}