IBM AIX and VIOS Perl Path Traversal Vulnerability Allowing Arbitrary Code Execution

Vulnerability

A vulnerability in the Perl implementation on IBM AIX 7.3 TL3 and IBM VIOS 4.1.1 could enable a non-privileged local user to execute arbitrary code. This issue arises from improper handling of pathname input, creating a relative path traversal vulnerability.

Impact

Exploitation of this vulnerability could lead to unauthorized execution of arbitrary commands on the affected system.

Remediation

Users can download the fix for this vulnerability from the AIX and VIOS security fix repository. The fix is included in a tar file that can be extracted and installed using the AIX 'installp' command. Instructions for verifying the integrity of the downloaded fix are also provided.

Added: Jun 10, 2025, 5:51 PM
Updated: Jun 10, 2025, 5:51 PM

Vulnerability Rating

Custom Algorithm

spread: 4.5
impact: 7.5
exploitability: 4.9
remediation: 7.7
relevance: 0.2
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.