[Forgot Password]
Login  Register Subscribe

30480

 
 

423868

 
 

251782

 
 

909

 
 

196543

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2004-0965Date: (C)2005-02-09   (M)2023-12-22


stmkfont in HP-UX B.11.00 through B.11.23 relies on the user-specified PATH when executing certain commands, which allows local users to execute arbitrary code by modifying the PATH environment variable to point to malicious programs.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 7.2
Exploit Score: 3.9
Impact Score: 10.0
 
CVSS V2 Metrics:
Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE
  
Reference:
BID-11493
http://marc.info/?l=bugtraq&m=109837243713696&w=2
SSRT4807
hpux-stmkfont-gain-privileges(17813)
http://www.nsfocus.com/english/homepage/research/0402.htm
oval:org.mitre.oval:def:5538

CPE    3
cpe:/o:hp:hp-ux:11.22
cpe:/o:hp:hp-ux:11.11
cpe:/o:hp:hp-ux:11.00

© SecPod Technologies