CVE-2007-4217
CVSS 7.2 · HIGH
Summary
Stack-based buffer overflow in the domacro function in ftp in IBM AIX 5.2 and 5.3 allows local users to gain privileges via a long parameter to a macro, as demonstrated by executing a macro via the '$' command.
CVSS 2.0 breakdown
| Metric | Value |
| --- | --- |
| Base score | 7.2 (HIGH) |
| Vector | AV:L/AC:L/Au:N/C:C/I:C/A:C |
| Attack vector | LOCAL |
| Attack complexity | LOW |
| Confidentiality | COMPLETE |
| Integrity | COMPLETE |
| Availability | COMPLETE |
Weakness type (CWE)
Affected products
IBM AIX
References
- ftp://aix.software.ibm.com/aix/efixes/security/ftp_ifix.tar
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=616
- http://secunia.com/advisories/27437
- http://securitytracker.com/id?1018871
- http://www.ibm.com/support/docview.wss?uid=isg1IZ05487
- http://www.ibm.com/support/docview.wss?uid=isg1IZ05488
- http://www.securityfocus.com/bid/26260
- http://www.vupen.com/english/advisories/2007/3669
- http://www14.software.ibm.com/webapp/set2/subscriptions/ijhifoeblist?mode=7&heading=AIX53&path=%2F200709%2FSECURITY%2F20070905%2Fdatafile101815
- https://exchange.xforce.ibmcloud.com/vulnerabilities/38162
Data: NIST NVD. NVD last modified 2026-04-23. Always verify against the vendor advisory before acting.