PT-2012-3873 · Ibm · Ibm Db2
Publicado
2012-07-25
·
Atualizado
2017-12-22
·
CVE-2012-2196
CVSS v2.0
5.0
Média
| Vetor | AV:N/AC:L/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
IBM DB2 versions 9.1 before FP12
IBM DB2 versions 9.5 through FP9
IBM DB2 versions 9.7 through FP6
IBM DB2 versions 9.8 through FP5
IBM DB2 versions 10.1
Description
The issue allows remote attackers to read arbitrary XML files. This is achieved via the (1) GET WRAP CFG C or (2) GET WRAP CFG C2 stored procedure.
Recommendations
For IBM DB2 version 9.1, update to FP12 or later.
For IBM DB2 version 9.5, update to FP9 or later.
For IBM DB2 version 9.7, update to FP6 or later.
For IBM DB2 version 9.8, update to FP5 or later.
For IBM DB2 version 10.1, there is no information about a newer version that contains a fix for this issue.
Correção
Information Disclosure
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Ibm Db2