CVE Vulnerability

CVE-2007-4798

Unspecified vulnerability in invscout in Inventory Scout in invscout.rte in IBM AIX 5.2 and 5.3 allows local users to delete system files that have names matching the final substring of a hostname alias, as demonstrated by hostnames ending in "unix".

6.6 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 9.2

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact NONE

Integrity Impact COMPLETE

Availability Impact COMPLETE

Scope

References
Link Resource
http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3846 Patch
http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3847 Patch
http://www-1.ibm.com/support/docview.wss?uid=isg1IY98506 Patch
http://www.securityfocus.com/bid/25556 Patch
http://secunia.com/advisories/26715 Patch Vendor Advisory
http://osvdb.org/40393
http://www.vupen.com/english/advisories/2007/3059
https://exchange.xforce.ibmcloud.com/vulnerabilities/36447
Configurations

Configuration 1

cpe:2.3:o:ibm:aix:5.3:*:*:*:*:*:*:*
cpe:2.3:o:ibm:aix:5.2:*:*:*:*:*:*:*
Information

Published : 2007-09-10 09:17

Updated : 2017-07-29 01:33

NVD link : CVE-2007-4798

Mitre link : CVE-2007-4798

Products Affected
No products.
CWE
CWE-264