Incomplete Fix for Symlink Attack in libodm.a on IBM AIX 6.1 and 7.1, and VIOS 2.2.x

Incomplete Fix for Symlink Attack in libodm.a on IBM AIX 6.1 and 7.1, and VIOS 2.2.x

CVE-2014-3977 · MEDIUM Severity

AV:L/AC:M/AU:N/C:C/I:C/A:C

libodm.a in IBM AIX 6.1 and 7.1, and VIOS 2.2.x, allows local users to overwrite arbitrary files via a symlink attack on a temporary file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-2179.

Learn more about our Cis Benchmark Audit For Apple Ios.