CVE-1999-1486
CVSS 2.0 Score 1.2 of 10 (low)
Details
Published Feb 25, 1998
Updated: Nov 20, 2024
Summary
CVE-1999-1486 is a vulnerability affecting IBM AIX 4.1 to 4.3 operating systems. This issue arises when the sadc utility, which is called from setgid adm programs like timex, fails to properly validate symlinks. Consequently, local users can exploit this weakness to overwrite arbitrary files through symlink attacks. This vulnerability poses a significant risk, as it allows unauthorized users to manipulate critical system files, potentially leading to system compromise.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- IBM AIX
Affected Vendors
- IBM Corporation