stmkfont in HP-UX B.11.00 through B.11.23 relies on the user-specified PATH when executing certain commands, which allows local users to execute arbitrary code by modifying the PATH environment variable to point to malicious programs.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
hp hp-ux 11.22 |
||
hp hp-ux 11.23 |
||
hp hp-ux 11.00 |
||
hp hp-ux 11.11 |