TROYANOSYVIRUS
Voltar para CVEs

CVE-2014-3977

N/A

Descricao

libodm.a in IBM AIX 6.1 and 7.1, and VIOS 2.2.x, allows local users to overwrite arbitrary files via a symlink attack on a temporary file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-2179.

Detalhes CVE

Pontuacao CVSS v3.1N/A
Publicado6/8/2014
Ultima modificacao4/12/2025
Fontenvd
Avistamentos honeypot0

Produtos afetados

ibm:aixibm:vios

Fraquezas (CWE)

CWE-59

Referencias

http://aix.software.ibm.com/aix/efixes/security/libodm_advisory.asc(cve@mitre.org)
http://packetstormsecurity.com/files/127067/IBM-AIX-6.1.8-Privilege-Escalation.html(cve@mitre.org)
http://www.exploit-db.com/exploits/33725(cve@mitre.org)
http://www.ibm.com/support/docview.wss?uid=isg1IV60299(cve@mitre.org)
http://www.ibm.com/support/docview.wss?uid=isg1IV60303(cve@mitre.org)
http://www.ibm.com/support/docview.wss?uid=isg1IV60311(cve@mitre.org)
http://www.ibm.com/support/docview.wss?uid=isg1IV60312(cve@mitre.org)
http://www.ibm.com/support/docview.wss?uid=isg1IV60313(cve@mitre.org)
http://www.ibm.com/support/docview.wss?uid=isg1IV60314(cve@mitre.org)
http://www.securitytracker.com/id/1030401(cve@mitre.org)
https://exchange.xforce.ibmcloud.com/vulnerabilities/93595(cve@mitre.org)
https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-3977/(cve@mitre.org)
http://aix.software.ibm.com/aix/efixes/security/libodm_advisory.asc(af854a3a-2127-422b-91ae-364da2661108)
http://packetstormsecurity.com/files/127067/IBM-AIX-6.1.8-Privilege-Escalation.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.exploit-db.com/exploits/33725(af854a3a-2127-422b-91ae-364da2661108)
http://www.ibm.com/support/docview.wss?uid=isg1IV60299(af854a3a-2127-422b-91ae-364da2661108)
http://www.ibm.com/support/docview.wss?uid=isg1IV60303(af854a3a-2127-422b-91ae-364da2661108)
http://www.ibm.com/support/docview.wss?uid=isg1IV60311(af854a3a-2127-422b-91ae-364da2661108)
http://www.ibm.com/support/docview.wss?uid=isg1IV60312(af854a3a-2127-422b-91ae-364da2661108)
http://www.ibm.com/support/docview.wss?uid=isg1IV60313(af854a3a-2127-422b-91ae-364da2661108)
http://www.ibm.com/support/docview.wss?uid=isg1IV60314(af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id/1030401(af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/93595(af854a3a-2127-422b-91ae-364da2661108)
https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-3977/(af854a3a-2127-422b-91ae-364da2661108)

Correlacoes IOC

Sem correlacoes registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.