Oval Definition:oval:org.mitre.oval:def:5538
Revision Date:2014-03-24Version:20
Title:HP-UX stmkfont Local Unauthorized Privileged Access
Description:stmkfont in HP-UX B.11.00 through B.11.23 relies on the user-specified PATH when executing certain commands, which allows local users to execute arbitrary code by modifying the PATH environment variable to point to malicious programs.
Family:unixClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2004-0965
Platform(s):HP-UX 11
Product(s):
Definition Synopsis
  • Criteria meets HP Security Bulletin HPSBUX01088
  • HP-UX B.11.11
  • AND X11.X11-FONTSRV is installed
  • AND NOT Patch PHSS_31988 is installed
  • OR Criteria meets HP Security Bulletin HPSBUX01088
  • HP Release B.11.04
  • AND X11.X11-FONTSRV is installed
  • AND NOT Patch PHSS_32196 is installed
  • OR Criteria meets HP Security Bulletin HPSBUX01088
  • HP Release B.11.00
  • AND X11.X11-FONTSRV is installed
  • AND NOT Patch PHSS_31987 is installed
  • OR Criteria meets HP Security Bulletin HPSBUX01088
  • HP Release B.11.22
  • AND X11.X11-FONTSRV is installed
  • AND NOT Patch PHSS_31989 is installed
  • OR Criteria meets HP Security Bulletin HPSBUX01088
  • HP-UX B.11.23
  • AND X11.X11-FONTSRV is installed
  • AND NOT Patch PHSS_31990 is installed
    • BACK