header-logo
Suggest Exploit
vendor:
libIM Library
by:
SecurityFocus
7.2
CVSS
HIGH
Buffer Overflow
120 (Buffer Copy without Checking Size of Input)
CWE
Product Name: libIM Library
Affected Version From: AIX 4.3
Affected Version To: AIX 5.2
Patch Exists: Yes
Related CWE: N/A
CPE: aix:libim
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: AIX
2002

Buffer Overflow Vulnerability in libIM Library

A buffer overflow vulnerability has been discovered in the libIM library available for the AIX 4.3, 5.1, 5.2 operating system. As a result it may be possible to overwrite sensitive memory in programs linked to the affected library. By identifying a linked application with the setuid bit applied, it may be possible to exploit this vulnerability to execute code with elevated privileges. Under certain circumstances this issue may pose as a remote security threat.

Mitigation:

Ensure that all applications linked to the affected library are updated to the latest version.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/6840/info

A buffer overflow vulnerability has been discovered in the libIM library available for the AIX 4.3, 5.1, 5.2 operating system. As a result it may be possible to overwrite sensitive memory in programs linked to the affected library. By identifying a linked application with the setuid bit applied, it may be possible to exploit this vulnerability to execute code with elevated privileges.

Under certain circumstances this issue may pose as a remote security threat. 

/usr/lpp/X11/bin/aixterm -im `perl -e 'print "A"x47; print pack("l",0x11223344)'`

Navigation

Suggest Exploit

Services By CQR