The host is installed with IBM DB2 UDB 9.5 before FP6a and is prone to security vulnerability. A flaw is present in engine utilities component in IBM DB2 which fails to properly handle world-writable permissions for the sqllib/cfg/db2sprf file. Successful exploitation allow local users to gain privileges by modifying this file.