PT-2007-4926 · Ibm · Ibm Aix+1
Published
2007-07-11
·
Updated
2017-07-29
·
CVE-2007-3680
CVSS v2.0
7.2
High
| Vector | AV:L/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
IBM AIX versions 5.2.0 through 5.3.0
Description
The issue is related to a stack-based buffer overflow in the
odm searchpath function within the libodm library. This allows local users to execute arbitrary code by manipulating the ODMPATH environment variable, specifically by making it excessively long.Recommendations
For IBM AIX versions 5.2.0 through 5.3.0, consider restricting access to the
odm searchpath function until a patch is available. As a temporary workaround, limit the length of the ODMPATH environment variable to prevent exploitation.Fix
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ibm Aix
Libodm