CVE-1999-1501

high

Description

(1) ipxchk and (2) ipxlink in SGI OS2 IRIX 6.3 does not properly clear the IFS environmental variable before executing system calls, which allows local users to execute arbitrary commands.

References

http://www.securityfocus.com/bid/71

http://www.securityfocus.com/bid/70

http://marc.info/?l=bugtraq&m=89217373930054&w=2

Details

Source: Mitre, NVD

Published: 1998-04-08

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 4.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High

EPSS

EPSS: 0.00059