CVE-1999-1183 - System Manager sysmgr GUI in SGI IRIX 6.4 and 6.3 allows remote attackers to execute commands by pro

CVE-1999-1183

Summary

System Manager sysmgr GUI in SGI IRIX 6.4 and 6.3 allows remote attackers to execute commands by providing a trojan horse (1) runtask or (2) runexec descriptor file, which is used to execute a System Manager Task when the user's Mailcap entry supports the x-sgi-task or x-sgi-exec type.

References

ftp://patches.sgi.com/support/free/security/advisories/19980403-01-PX
ftp://patches.sgi.com/support/free/security/advisories/19980403-02-PX
http://www.iss.net/security_center/static/809.php
http://www.osvdb.org/8556

Vulnerable Configurations

cpe:2.3:o:sgi:irix:6.3:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.3:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.4:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.4:*:*:*:*:*:*:*

CVSS

Base:	7.6 (as of 21-08-2013 - 04:05)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	HIGH	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:N/AC:H/Au:N/C:C/I:C/A:C

refmap via4

osvdb	8556
sgi	19980403-01-PX 19980403-02-PX
xf	sgi-mailcap(809)

Last major update

21-08-2013 - 04:05

Published

02-04-1998 - 05:00

Last modified

21-08-2013 - 04:05