CVE-2007-1027

Опубликовано: 21 фев. 2007

Источник: nvd

CVSS2: 4.4

EPSS Низкий

Описание

Certain setuid DB2 binaries in IBM DB2 before 9 Fix Pack 2 for Linux and Unix allow local users to overwrite arbitrary files via a symlink attack on the DB2DIAG.LOG temporary file.

Ссылки

http://osvdb.org/34024
http://secunia.com/advisories/24213
Vendor Advisory
http://www-1.ibm.com/support/docview.wss?uid=swg1IY94817
Vendor Advisory
http://www.securityfocus.com/bid/22614
http://www.securitytracker.com/id?1017665
http://www.securitytracker.com/id?1017695
http://www.vupen.com/english/advisories/2007/0652
http://osvdb.org/34024
http://secunia.com/advisories/24213
Vendor Advisory
http://www-1.ibm.com/support/docview.wss?uid=swg1IY94817
Vendor Advisory
http://www.securityfocus.com/bid/22614
http://www.securitytracker.com/id?1017665
http://www.securitytracker.com/id?1017695
http://www.vupen.com/english/advisories/2007/0652

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ibm:db2:9.0:*:linux:*:*:*:*:*

cpe:2.3:a:ibm:db2:9.0:*:unix:*:*:*:*:*

EPSS

Процентиль: 15%

0.00048

Низкий

4.4 Medium

CVSS2

Дефекты

CWE-59

Связанные уязвимости

GHSA-737q-974q-j2p4

github

почти 4 года назад