CVE-2012-2179

IBM Aix - Access Control

Title source: rule

Description

libodm.a in IBM AIX 5.3, 6.1, and 7.1 allows local users to overwrite arbitrary files via a symlink attack on a temporary file.

Exploits (1)

exploitdb WORKING POC

localaix

https://www.exploit-db.com/exploits/33725

View Code ZIP pw:eip

References (9)

[Vendor Advisory] http://www.ibm.com/support/docview.wss?uid=isg1IV21382

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id?1027193

[Vendor Advisory] http://www.ibm.com/support/docview.wss?uid=isg1IV21381

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/75510

[Vendor Advisory] http://www.ibm.com/support/docview.wss?uid=isg1IV21379

[Vendor Advisory] http://www.ibm.com/support/docview.wss?uid=isg1IV21383

[Vendor Advisory] http://www.ibm.com/support/docview.wss?uid=isg1IV22019

[Third Party Advisory, VDB Entry] http://www.osvdb.org/83133

[Patch, Vendor Advisory] http://aix.software.ibm.com/aix/efixes/security/libodm_advisory.asc

Scores

EPSS 0.0037

EPSS Percentile 58.9%

Details

CWE

CWE-264

Status published

Products (3)

ibm/aix 5.3

ibm/aix 6.1

ibm/aix 7.1

Published Jun 22, 2012

Tracked Since Feb 18, 2026