See Recorded Future’s Threat Intelligence Solutions in Action

See our Threat Intelligence Solutions in Action

Reduce risk and mitigate cyber attacks, no matter your IT & security stack, maturity journey, or industry

Book a free demo

View Solutions to Reduce Risk

See Recorded Future’s Intelligence in Action

Reduce operational risk through timely, precise, and actionable intelligence.

Book a free demo

Intelligence Cloud Overview

View Services & Support Overview

View Research Overview

CVE-1999-1089

CVSS 2.0 Score 7.2 of 10 (high)

Details

Published Dec 13, 1996

Updated: Nov 20, 2024

Summary

CVE-1999-1089 is a buffer overflow vulnerability affecting the chfn command in HP-UX 9.X through 10.20. Maliciously crafted long command line arguments can be used by local users to exploit this issue and gain privileged access to the system. The buffer overflow occurs within the command processing of chfn, allowing an attacker to execute arbitrary code with elevated permissions. This vulnerability poses a significant risk to systems running HP-UX versions within the specified range and should be addressed promptly by applying the available patches.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

HP-UX
HP-UX family of operating systems

Affected Vendors

Advisories, Assessments, and Mitigations

Back to Vulnerability Database