CVE-2006-2647 | Vulnerability Database | Aqua Security

Untrusted search path vulnerability in update_flash for IBM AIX 5.1, 5.2 and 5.3 allows local users to execute arbitrary commands via unknown vectors involving lsmcode and possibly other commands.

Affected Software

Name	Vendor	Start Version	End Version
Aix	Ibm	5.1 (including)	5.1 (including)
Aix	Ibm	5.2 (including)	5.2 (including)
Aix	Ibm	5.3 (including)	5.3 (including)

References

http://secunia.com/advisories/20325
http://securitytracker.com/id?1016166
http://www-1.ibm.com/support/search.wss?rs=0\u0026q=IY85517\u0026apar=only
http://www-1.ibm.com/support/search.wss?rs=0\u0026q=IY85518\u0026apar=only
http://www-1.ibm.com/support/search.wss?rs=0\u0026q=IY88524\u0026apar=only
http://www.securityfocus.com/bid/18114
http://www.vupen.com/english/advisories/2006/2007
http://secunia.com/advisories/20325
http://securitytracker.com/id?1016166
http://www-1.ibm.com/support/search.wss?rs=0\u0026q=IY85517\u0026apar=only
http://www-1.ibm.com/support/search.wss?rs=0\u0026q=IY85518\u0026apar=only
http://www-1.ibm.com/support/search.wss?rs=0\u0026q=IY88524\u0026apar=only
http://www.securityfocus.com/bid/18114
http://www.vupen.com/english/advisories/2006/2007

NVD	https://nvd.nist.gov/vuln/detail/CVE-2006-2647
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html