Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2007-3333Improper Restriction of Operations within the Bounds of a Memory Buffer in IBM AIX

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer7 documents4 sources
Severity
6.9MEDIUMNVD
EPSS
26.2%
top 3.69%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
IBM AIX
Timeline
PublishedJul 26
Latest updateMay 3

Description

Stack-based buffer overflow in capture in IBM AIX 5.3 SP6 and 5.2.0 allows remote attackers to execute arbitrary code via a large number of terminal control sequences.

CVSS vector

AV:L/AC:M/C:C/I:C/A:CExploitability: 3.4 | Impact: 10.0

Affected Packages1 packages

NVDibm/aix5.2.0, 5.3+1

🔴Vulnerability Details

2
GHSA
GHSA-g7f2-v9m3-f42q: Stack-based buffer overflow in capture in IBM AIX 52022-05-03
CVEList
CVE-2007-3333: Stack-based buffer overflow in capture in IBM AIX 52007-07-26

💥Exploits & PoCs

4
Exploit-DB
Microsoft Word - '.RTF' pFragments Stack Buffer Overflow (File Format) (MS10-087) (Metasploit)2011-03-04
Exploit-DB
IBM AIX 5.3 SP6 - Capture Terminal Sequence Privilege Escalation2007-07-27
Exploit-DB
IBM AIX 5.2/5.3 - Capture Command Local Stack Buffer Overflow2007-07-26
Exploit-DB
XOOPS Module WF-Section 1.01 - 'articleId' SQL Injection2007-04-02
CVE-2007-3333 — IBM AIX vulnerability | cvebase