Vulnerabilities

CVE-2007-5757

by Fred · 12/02/2008

Untrusted search path vulnerability in db2pd in IBM DB2 Universal Database (UDB) 8 before FixPak 16 and 9 before Fix Pack 4 allows local users to gain root privileges via a modified DB2INSTANCE environment variable that points to a malicious library. NOTE: this might be the same issue as CVE-2008-0697.

Date published : 2008-02-12

http://www-1.ibm.com/support/docview.wss?uid=swg1IZ03546

ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT

Similar

Tags: Cybersecurity Alert