CVE-1999-1232
CVSS 2.0 Score 7.2 of 10 (high)
Details
Published May 16, 1997
Updated: Dec 19, 2017
Summary
CVE-1999-1232 is an untrusted search path vulnerability impacting the day5datacopier application in SGI IRIX 6.2. This vulnerability permits local users to execute arbitrary commands by manipulating the PATH environment variable, allowing them to point to a malicious cp (copy) program instead of the intended system utility. This deceitful redirection could result in unintended file transfers and unauthorized system commands, posing a significant risk to system security.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- SGI IRAX
Affected Vendors
- Saskatchewan Government Insurance