Privilege Escalation via Arbitrary Command Execution in IBM OmniFind Enterprise Edition

Privilege Escalation via Arbitrary Command Execution in IBM OmniFind Enterprise Edition

CVE-2010-3895 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

esRunCommand in IBM OmniFind Enterprise Edition before 9.1 allows local users to gain privileges by specifying an arbitrary command name as the first argument.

Learn more about our Cis Benchmark Audit For Ibm I.