3.3
CVE-2006-1247
- EPSS 0.38%
- Veröffentlicht 19.04.2006 16:06:00
- Zuletzt bearbeitet 16.06.2026 22:22:18
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
rm_mlcache_file in bos.rte.install in AIX 5.1.0 through 5.3.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.38% | 0.292 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 3.3 | 3.4 | 4.9 |
AV:L/AC:M/Au:N/C:N/I:P/A:P
|
CWE-59 Improper Link Resolution Before File Access ('Link Following')
The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.
http://secunia.com/advisories/19656
http://securitytracker.com/id?1015952
http://www-1.ibm.com/support/docview.wss?uid=isg1IY82357
http://www.nsfocus.com/english/homepage/research/0603.htm
http://www.osvdb.org/24706
http://www.securityfocus.com/archive/1/431846/100/0/threaded
http://www.securityfocus.com/archive/1/431848/100/0/threaded
http://www.securityfocus.com/bid/17576
http://www.vupen.com/english/advisories/2006/1389
https://exchange.xforce.ibmcloud.com/vulnerabilities/25848