Vulnerability Description
Buffer overflow in libIM library (libIM.a) for National Language Support (NLS) on AIX 4.3 through 5.2 allows local users to gain privileges via several possible attack vectors, including a long -im argument to aixterm.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| National Language Support | Libim | All versions |
References
- http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0066.html
- http://marc.info/?l=bugtraq&m=104508375107938&w=2
- http://marc.info/?l=bugtraq&m=104508833214691&w=2
- http://www-1.ibm.com/support/search.wss?rs=0&q=IY40307&apar=only
- http://www-1.ibm.com/support/search.wss?rs=0&q=IY40317&apar=only
- http://www-1.ibm.com/support/search.wss?rs=0&q=IY40320&apar=only
- http://www.idefense.com/advisory/02.12.03.txtExploitPatchVendor Advisory
- http://www.osvdb.org/7996
- http://www.securityfocus.com/bid/6840
- https://exchange.xforce.ibmcloud.com/vulnerabilities/11309
- http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0066.html
- http://marc.info/?l=bugtraq&m=104508375107938&w=2
- http://marc.info/?l=bugtraq&m=104508833214691&w=2
- http://www-1.ibm.com/support/search.wss?rs=0&q=IY40307&apar=only
- http://www-1.ibm.com/support/search.wss?rs=0&q=IY40317&apar=only
FAQ
What is CVE-2003-0087?
CVE-2003-0087 is a vulnerability with a CVSS score of 7.2 (HIGH). Buffer overflow in libIM library (libIM.a) for National Language Support (NLS) on AIX 4.3 through 5.2 allows local users to gain privileges via several possible attack vectors, including a long -im ar...
How severe is CVE-2003-0087?
CVE-2003-0087 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2003-0087?
Check the references section above for vendor advisories and patch information. Affected products include: National Language Support Libim.