CVE-2011-4834

Published: Dec 15, 2011Modified: Apr 29, 2026

4.6

Vector

AV:L/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 3.9 / Impact: 6.4

Source: NVD

Description

The GetInstalledPackages function in the configuration tool in HP Application Lifestyle Management (ALM) 11 on AIX, HP-UX, and Solaris allows local users to gain privileges via (1) a Trojan horse /tmp/tmp.txt FIFO or (2) a symlink attack on /tmp/tmp.txt.

Affected (1)

Products: Hp: Application Lifestyle Management

1 product

Application Lifestyle Management

Configuration A

1 vulnerable · 3 platform

Vulnerable Software	Affected Versions
Hp Application Lifestyle Management	Version 11

Running on/with	Platform Versions
Hp Hp Ux	All versions
Ibm Aix	All versions
Sun Sunos	All versions

Related CWEs

References (8)

http://0a29.blogspot.com/2011/12/0a29-11-2-privilege-escalation.html

Source: cve@mitre.org

Exploit

http://secunia.com/advisories/47040

Source: cve@mitre.org

Vendor Advisory

http://www.securityfocus.com/archive/1/520783/100/0/threaded

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/71698

Source: cve@mitre.org

http://0a29.blogspot.com/2011/12/0a29-11-2-privilege-escalation.html

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

http://secunia.com/advisories/47040

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.securityfocus.com/archive/1/520783/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/71698

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.