[Forgot Password]
Login  Register Subscribe

30480

 
 

423868

 
 

252271

 
 

909

 
 

196835

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2014-0907Date: (C)2014-05-31   (M)2023-12-22


Multiple untrusted search path vulnerabilities in unspecified (1) setuid and (2) setgid programs in IBM DB2 9.5, 9.7 before FP9a, 9.8, 10.1 before FP3a, and 10.5 before FP3a on Linux and UNIX allow local users to gain root privileges via a Trojan horse library.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 7.2
Exploit Score: 3.9
Impact Score: 10.0
 
CVSS V2 Metrics:
Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE
  
Reference:
SECTRACK-1030670
SECTRACK-1030671
http://seclists.org/fulldisclosure/2014/Jun/7
SECUNIA-59451
SECUNIA-59463
SECUNIA-60482
BID-67617
IT00627
IT00684
IT00685
IT00686
IT00687
http://packetstormsecurity.com/files/126940/IBM-DB2-Privilege-Escalation.html
http://www-01.ibm.com/support/docview.wss?uid=isg400001841
http://www-01.ibm.com/support/docview.wss?uid=isg400001843
http://www-01.ibm.com/support/docview.wss?uid=swg21680454
http://www-304.ibm.com/support/docview.wss?uid=swg21676135
http://www.ibm.com/support/docview.wss?uid=swg1IT00686
http://www.ibm.com/support/docview.wss?uid=swg21610582#4
http://www.ibm.com/support/docview.wss?uid=swg21672100
https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-0907/
ibm-cve20140907-priv-escalation(91869)

CPE    18
cpe:/a:ibm:db2:10.5.0.1
cpe:/a:ibm:db2:9.7
cpe:/a:ibm:db2:10.5.0.2
cpe:/a:ibm:db2:9.7.0.6
...

© SecPod Technologies