Vulnerability Details : CVE-2007-2996
Unspecified vulnerability in perl.rte 5.8.0.10 through 5.8.0.95 on IBM AIX 5.2, and 5.8.2.10 through 5.8.2.50 on AIX 5.3, allows local users to gain privileges via unspecified vectors related to the installation and "waiting for a legitimate user to execute a binary that ships with Perl."
Exploit prediction scoring system (EPSS) score for CVE-2007-2996
Probability of exploitation activity in the next 30 days: 0.04%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 6 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2007-2996
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
6.6
|
MEDIUM | AV:L/AC:M/Au:S/C:C/I:C/A:C |
2.7
|
10.0
|
NIST |
References for CVE-2007-2996
-
http://www.securitytracker.com/id?1018177
-
http://www.vupen.com/english/advisories/2007/2004
-
http://www-1.ibm.com/support/docview.wss?uid=isg1IY98395
-
http://www.securityfocus.com/bid/24241
Patch
-
http://www-1.ibm.com/support/search.wss?rs=0&q=IY98396&apar=only
-
ftp://aix.software.ibm.com/aix/efixes/security/perl_ifix.tar.Z
Patch
Products affected by CVE-2007-2996
- cpe:2.3:o:ibm:aix:5.2:*:*:*:*:*:*:*
- cpe:2.3:o:ibm:aix:5.3:*:*:*:*:*:*:*