CVE DATABASE / CVE-2008-4638
CVE-2008-4638
CVSS 4.6 · MEDIUM
Summary
qioadmin in the Quick I/O for Database feature in Symantec Veritas File System (VxFS) on HP-UX, and before 5.0 MP3 on Solaris, Linux, and AIX, allows local users to read arbitrary files by causing qioadmin to write a file's content to standard error in an error message.
CVSS 2.0 breakdown
| Base score | 4.6 (MEDIUM) |
| Vector | AV:L/AC:L/Au:S/C:C/I:N/A:N |
| Attack vector | LOCAL |
| Attack complexity | LOW |
| Confidentiality | COMPLETE |
| Integrity | NONE |
| Availability | NONE |
Weakness type (CWE)
Affected products
Symantec veritas file system
Check this CVE live
Use our free CVE Lookup tool for the latest NVD record, or browse the full CISA KEV catalog.
References
- http://seer.entsupport.symantec.com/docs/310872.htm
- http://www.security-objectives.com/advisories/SECOBJSADV-2008-05.txt
- http://www.securityfocus.com/archive/1/497675/100/0/threaded
- http://www.securityfocus.com/bid/31679
- http://www.symantec.com/avcenter/security/Content/2008.10.20.html
- http://www.vupen.com/english/advisories/2008/2875
- https://exchange.xforce.ibmcloud.com/vulnerabilities/46009
Data: NIST NVD. NVD last modified 2026-04-23. Always verify against the vendor advisory before acting.