Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2005-2236Use of Externally-Controlled Format String in IBM AIX

4 documents4 sources
Severity
7.2HIGHNVD
EPSS
0.6%
top 30.25%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
IBM AIX
Timeline
PublishedJul 12
Latest updateMay 1

Description

Format string vulnerability in the paginit command in IBM AIX 5.3, and possibly other versions, might allow local users to execute arbitrary code via format strings in command line arguments.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages1 packages

NVDibm/aix5.3

🔴Vulnerability Details

2
GHSA
GHSA-hwr2-7qw6-8x3x: Format string vulnerability in the paginit command in IBM AIX 52022-05-01
CVEList
CVE-2005-2236: Format string vulnerability in the paginit command in IBM AIX 52005-07-12

💥Exploits & PoCs

1
Exploit-DB
AIX 5.2 - 'paginit' Local Privilege Escalation2005-06-14
CVE-2005-2236 — IBM AIX vulnerability | cvebase