CVE-2012-5938

Published: Mar 20, 2013Modified: Apr 29, 2026

7.2

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Exploitability: 3.9 / Impact: 10.0

Source: NVD

Description

The installation process in IBM InfoSphere Information Server 8.1, 8.5, 8.7, and 9.1 on UNIX and Linux sets incorrect permissions and ownerships for unspecified files, which allows local users to bypass intended access restrictions via standard filesystem operations.

Affected (4)

Products: Ibm: Infosphere Information Server

Ibm

1 product

Infosphere Information Server

Configuration A

4 vulnerable · 2 platform

Vulnerable Software	Affected Versions
Ibm Infosphere Information Server	Version 8.1
Ibm Infosphere Information Server	Version 8.5
Ibm Infosphere Information Server	Version 8.7
Ibm Infosphere Information Server	Version 9.1

Running on/with	Platform Versions
Conectiva Linux	All versions
Novell Unixware	All versions

Related CWEs

CWE-264

References (4)

http://www.ibm.com/support/docview.wss?uid=swg21628844

Source: psirt@us.ibm.com

https://exchange.xforce.ibmcloud.com/vulnerabilities/80493

Source: psirt@us.ibm.com

http://www.ibm.com/support/docview.wss?uid=swg21628844

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/80493

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.