Vulnerability Description
Unspecified vulnerability in mklvcopy in BOS.RTE.LVM in IBM AIX 5.3 allows local users to execute arbitrary commands when mklvcopy calls external commands, possibly due to an untrusted search path vulnerability.
CVSS Score
7.2
HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Aix | 5.3 |
References
- http://attrition.org/pipermail/vim/2006-March/000641.html
- http://secunia.com/advisories/19235PatchVendor Advisory
- http://securitytracker.com/id?1015786
- http://www-1.ibm.com/support/docview.wss?uid=isg1IY82739
- http://www.nsfocus.com/english/homepage/research/0602.htmPatchVendor Advisory
- http://www.osvdb.org/23921
- http://www.securityfocus.com/bid/17115
- http://www.vupen.com/english/advisories/2006/0957Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25299
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25849
- http://attrition.org/pipermail/vim/2006-March/000641.html
- http://secunia.com/advisories/19235PatchVendor Advisory
- http://securitytracker.com/id?1015786
- http://www-1.ibm.com/support/docview.wss?uid=isg1IY82739
- http://www.nsfocus.com/english/homepage/research/0602.htmPatchVendor Advisory
FAQ
What is CVE-2006-1246?
CVE-2006-1246 is a vulnerability with a CVSS score of 7.2 (HIGH). Unspecified vulnerability in mklvcopy in BOS.RTE.LVM in IBM AIX 5.3 allows local users to execute arbitrary commands when mklvcopy calls external commands, possibly due to an untrusted search path vul...
How severe is CVE-2006-1246?
CVE-2006-1246 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-1246?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Aix.