Vulnerabilities

CVE-2007-4271

by Fred · 18/08/2007

Directory traversal vulnerability in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allows local users to create arbitrary files via a .. (dot dot) in an unspecified environment variable, which is appended to "/tmp/" and used as a log file. NOTE: this issue might be related to symlink following.

Date published : 2007-08-18

http://www-1.ibm.com/support/docview.wss?uid=swg1IY98210

http://www-1.ibm.com/support/docview.wss?uid=swg1IY99261

Similar

Tags: Cybersecurity Alert