CVE-2014-3977CVE-2014-3977

Affected configuration(s):

cpe:/o:ibm:aix:6.1
cpe:/o:ibm:aix:7.1
cpe:/o:ibm:vios:2.2.0.10
cpe:/o:ibm:vios:2.2.0.11
cpe:/o:ibm:vios:2.2.0.12
cpe:/o:ibm:vios:2.2.0.13
cpe:/o:ibm:vios:2.2.1.0
cpe:/o:ibm:vios:2.2.1.1
cpe:/o:ibm:vios:2.2.1.3
cpe:/o:ibm:vios:2.2.1.4
cpe:/o:ibm:vios:2.2.1.4:fp-25_sp-02
cpe:/o:ibm:vios:2.2.1.8
cpe:/o:ibm:vios:2.2.1.9
cpe:/o:ibm:vios:2.2.2.0
cpe:/o:ibm:vios:2.2.2.4
cpe:/o:ibm:vios:2.2.2.5
cpe:/o:ibm:vios:2.2.3.0
cpe:/o:ibm:vios:2.2.3.2
cpe:/o:ibm:vios:2.2.3.3

Date published: 2014-06-08T19:55:04.103-04:00

Date last modified: 2017-08-28T21:34:49.560-04:00

CVSS Score: 6.9

Principal attack vector: LOCAL

Complexity:  MEDIUM

Reference URL: http://aix.software.ibm.com/aix/efixes/security/libodm_advisory.asc

Summary: libodm.a in IBM AIX 6.1 and 7.1, and VIOS 2.2.x, allows local users to overwrite arbitrary files via a symlink attack on a temporary file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-2179.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.