IBM AIX 7.3, VIOS 4.1s Perl implementation could allow a non-privileged local user to exploit a vulnerability to execute arbitrary commands. IBM X-Force ID: 281320.
Executing commands or loading libraries from an untrusted source or in an untrusted environment can cause an application to execute malicious commands (and payloads) on behalf of an attacker.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Vios | Ibm | 4.1 (including) | 4.1 (including) |
Aix | Ibm | 7.3 (including) | 7.3 (including) |
Process control vulnerabilities of the first type occur when either data enters the application from an untrusted source and the data is used as part of a string representing a command that is executed by the application. By executing the command, the application gives an attacker a privilege or capability that the attacker would not otherwise have.