CVE-2004-1028 — IBM AIX vulnerability
3 documents3 sources
Severity
7.2HIGHNVD
EPSS
0.0%
top 85.97%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedJan 10
Latest updateApr 29
Description
Untrusted execution path vulnerability in chcod on AIX IBM 5.1.0, 5.2.0, and 5.3.0 allows local users to execute arbitrary programs by modifying the PATH environment variable to point to a malicious "grep" program, which is executed from chcod.
CVSS vector
AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0