PT-2012-4650 · Ibm · Ibm Db2+1
Published
2012-09-25
·
Updated
2017-08-29
·
CVE-2012-3324
CVSS v2.0
9.0
High
| Vector | AV:N/AC:L/Au:S/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
IBM DB2 and DB2 Connect version 10.1 before FP1
Description
A directory traversal issue exists in the UTL FILE module, allowing remote authenticated users to access arbitrary files by manipulating the pathname in the
file field. This could lead to modification, deletion, or reading of files outside the intended directory.Recommendations
For IBM DB2 and DB2 Connect version 10.1 before FP1, apply Fix Pack 1 to resolve the issue.
Fix
Path traversal
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Db2 Connect
Ibm Db2