CVE-2014-3977
08.06.2014, 23:55
libodm.a in IBM AIX 6.1 and 7.1, and VIOS 2.2.x, allows local users to overwrite arbitrary files via a symlink attack on a temporary file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-2179.
| Vendor | Product | Version |
|---|---|---|
| ibm | vios | 2.2.0.10 |
| ibm | vios | 2.2.0.11 |
| ibm | vios | 2.2.0.12 |
| ibm | vios | 2.2.0.13 |
| ibm | vios | 2.2.1.0 |
| ibm | vios | 2.2.1.1 |
| ibm | vios | 2.2.1.3 |
| ibm | vios | 2.2.1.4 |
| ibm | vios | 2.2.1.4:fp-25_sp-02 |
| ibm | vios | 2.2.1.8 |
| ibm | vios | 2.2.1.9 |
| ibm | vios | 2.2.2.0 |
| ibm | vios | 2.2.2.4 |
| ibm | vios | 2.2.2.5 |
| ibm | vios | 2.2.3.0 |
| ibm | vios | 2.2.3.2 |
| ibm | vios | 2.2.3.3 |
| ibm | aix | 6.1 |
| ibm | aix | 7.1 |
𝑥
= Vulnerable software versions
References