CVE-2004-1028

EPSS 0.05%
Published 10.01.2005 05:00:00
Last modified 03.04.2025 01:03:51
Source cve@mitre.org
Teams watchlist Login
Open Login

Untrusted execution path vulnerability in chcod on AIX IBM 5.1.0, 5.2.0, and 5.3.0 allows local users to execute arbitrary programs by modifying the PATH environment variable to point to a malicious "grep" program, which is executed from chcod.

Affected products Warnungen 0 Metrics 2 CWE 0 References 8

Data is provided by the National Vulnerability Database (NVD)

Ibm ≫ Aix Version5.1

Ibm ≫ Aix Version5.1l

Ibm ≫ Aix Version5.2

Ibm ≫ Aix Version5.2.2

Ibm ≫ Aix Version5.2_l

Ibm ≫ Aix Version5.3

Ibm ≫ Aix Version5.3_l

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.05%	0.135

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.2	3.9	10	AV:L/AC:L/Au:N/C:C/I:C/A:C

http://www-1.ibm.com/support/search.wss?rs=0&q=IY64354&apar=only

http://www-1.ibm.com/support/search.wss?rs=0&q=IY64355&apar=only

http://www-1.ibm.com/support/search.wss?rs=0&q=IY64356&apar=only

http://www.idefense.com/application/poi/display?id=170&type=vulnerabilities

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/18625

https://nvd.nist.gov/vuln/detail/CVE-2004-1028

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2004-1028

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2004-1028

EUVD