4.9
CVE-2012-0723
- EPSS 0.39%
- Veröffentlicht 30.07.2012 19:55:01
- Zuletzt bearbeitet 16.06.2026 23:38:08
- Quelle psirt@us.ibm.com
- CVE-Watchlists
- Unerledigt
The kernel in IBM AIX 5.3, 6.1, and 7.1, and VIOS 2.2.1.4-FP-25 SP-02, does not properly implement the dupmsg system call, which allows local users to cause a denial of service (system crash) via a crafted application.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.39% | 0.302 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.9 | 3.9 | 6.9 |
AV:L/AC:L/Au:N/C:N/I:N/A:C
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
http://aix.software.ibm.com/aix/efixes/security/syscall_advisory.asc
http://www.ibm.com/support/docview.wss?uid=isg1IV22693
http://www.ibm.com/support/docview.wss?uid=isg1IV22694
http://www.ibm.com/support/docview.wss?uid=isg1IV22695
http://www.ibm.com/support/docview.wss?uid=isg1IV22696
http://www.ibm.com/support/docview.wss?uid=isg1IV22697
http://www.securitytracker.com/id?1027315
https://exchange.xforce.ibmcloud.com/vulnerabilities/74134