Skip to main content

CVE-2004-1028

Severity High
Score 7.2/10

Summary

Untrusted execution path vulnerability in chcod on AIX IBM 5.1.0, 5.2.0, and 5.3.0 allows local users to execute arbitrary programs by modifying the PATH environment variable to point to a malicious "grep" program, which is executed from chcod.

  • LOW
  • LOCAL
  • NONE
  • COMPLETE
  • COMPLETE
  • COMPLETE

References

Advisory Timeline

  • Published