VYPR
Unrated severityNVD Advisory· Published Feb 9, 2005· Updated Jun 16, 2026

CVE-2004-0965

CVE-2004-0965

Description

stmkfont in HP-UX B.11.00 through B.11.23 relies on the user-specified PATH when executing certain commands, which allows local users to execute arbitrary code by modifying the PATH environment variable to point to malicious programs.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

5
  • Microfocus/Hpux5 versions
    cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*+ 4 more
    • cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*
    • cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*
    • cpe:2.3:o:hp:hp-ux:11.22:*:*:*:*:*:*:*
    • cpe:2.3:o:hp:hp-ux:11.23:*:ia64_64-bit:*:*:*:*:*
    • (no CPE)range: >=B.11.00, <=B.11.23

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.