PT-2008-1511 · Ibm · Ibm Db2 Universal Database
Publicado
2008-04-16
·
Atualizado
2017-07-29
·
CVE-2007-5664
CVSS v2.0
6.9
Média
| Vetor | AV:L/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
IBM DB2 Universal Database versions 9.5 before Fix Pack 1
IBM DB2 Universal Database versions 9.1 before Fix Pack 4a
IBM DB2 Universal Database versions 8 before FixPak 16
Description
The issue allows local users to overwrite arbitrary files via a symlink attack on files used for initialization in the DB2 Administration Server (DAS).
Recommendations
For IBM DB2 Universal Database version 9.5 before Fix Pack 1, apply Fix Pack 1 to resolve the issue.
For IBM DB2 Universal Database version 9.1 before Fix Pack 4a, apply Fix Pack 4a to resolve the issue.
For IBM DB2 Universal Database version 8 before FixPak 16, apply FixPak 16 to resolve the issue.
Correção
Link Following
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Ibm Db2 Universal Database