CVE-1999-1232

CVSS 2.0 Score 7.2 of 10 (high)

Details

Published May 16, 1997
Updated: Dec 19, 2017

Summary

CVE-1999-1232 is an untrusted search path vulnerability impacting the day5datacopier application in SGI IRIX 6.2. This vulnerability permits local users to execute arbitrary commands by manipulating the PATH environment variable, allowing them to point to a malicious cp (copy) program instead of the intended system utility. This deceitful redirection could result in unintended file transfers and unauthorized system commands, posing a significant risk to system security.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • SGI IRAX

Affected Vendors

  • Saskatchewan Government Insurance