CVE-2007-2996 - Unspecified vulnerability in perl.rte 5.8.0.10 through 5.8.0.95 on IBM AIX 5.2, and 5.8.2.10 through

CVE-2007-2996

Summary

Unspecified vulnerability in perl.rte 5.8.0.10 through 5.8.0.95 on IBM AIX 5.2, and 5.8.2.10 through 5.8.2.50 on AIX 5.3, allows local users to gain privileges via unspecified vectors related to the installation and "waiting for a legitimate user to execute a binary that ships with Perl."

References

Vulnerable Configurations

cpe:2.3:o:ibm:aix:5.2:*:*:*:*:*:*:*
cpe:2.3:o:ibm:aix:5.2:*:*:*:*:*:*:*
cpe:2.3:o:ibm:aix:5.3:*:*:*:*:*:*:*
cpe:2.3:o:ibm:aix:5.3:*:*:*:*:*:*:*

CVSS

Base:	6.6 (as of 31-10-2012 - 02:36)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	MEDIUM	SINGLE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:L/AC:M/Au:S/C:C/I:C/A:C

refmap via4

aixapar	IY98394 IY98395 IY98396
bid	24241
confirm	ftp://aix.software.ibm.com/aix/efixes/security/perl_ifix.tar.Z
osvdb	36754
sectrack	1018177
secunia	25478
vupen	ADV-2007-2004

Last major update

31-10-2012 - 02:36

Published

04-06-2007 - 17:30

Last modified

31-10-2012 - 02:36