Vulnerabilities > CVE-2005-0250 - Local Format String vulnerability in IBM AIX 5.1/5.2/5.3

CVSS 7.2 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

local

low complexity

ibm

NVD

Published: 2005-05-02

Updated: 2017-07-11

Summary

Format string vulnerability in auditselect on IBM AIX 5.1, 5.2, and 5.3 allows local users to execute arbitrary code via format string specifiers in a command line argument.

Vulnerable Configurations

Part	Description	Count
OS	Ibm IBM AIX 5.1 IBM AIX 5.2 IBM AIX 5.3	3

References

http://secunia.com/advisories/14198
http://securitytracker.com/id?1013103
http://www.idefense.com/application/poi/display?id=193&type=vulnerabilities&flashstatus=false
http://www.kb.cert.org/vuls/id/896729
http://www.securityfocus.com/bid/12496
http://www-1.ibm.com/support/docview.wss?uid=isg1IY67472
http://www-1.ibm.com/support/docview.wss?uid=isg1IY67519
http://www-1.ibm.com/support/docview.wss?uid=isg1IY67802
https://exchange.xforce.ibmcloud.com/vulnerabilities/19255