CVE-2007-3680Improper Restriction of Operations within the Bounds of a Memory Buffer in IBM AIX

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer3 documents3 sources
Severity
7.2HIGHNVD
EPSS
0.1%
top 80.01%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM AIX
Timeline
PublishedJul 11
Latest updateMay 3

Description

Stack-based buffer overflow in the odm_searchpath function in libodm in IBM AIX 5.2.0 and 5.3.0 allows local users to execute arbitrary code via a long ODMPATH environment variable.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages1 packages

NVDibm/aix5.2.0, 5.3.0+1

Patches

Patch: labs.idefense.comPatch: labs.idefense.com

🔴Vulnerability Details

2
GHSA
GHSA-mj9m-wc42-qxgc: Stack-based buffer overflow in the odm_searchpath function in libodm in IBM AIX 52022-05-03
CVEList
CVE-2007-3680: Stack-based buffer overflow in the odm_searchpath function in libodm in IBM AIX 52007-07-11
CVE-2007-3680 — IBM AIX vulnerability | cvebase