4.6
CVE-2009-4334
- EPSS 0.37%
- Veröffentlicht 16.12.2009 18:30:00
- Zuletzt bearbeitet 16.06.2026 23:13:28
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
The Self Tuning Memory Manager (STMM) component in IBM DB2 9.1 before FP8, 9.5 before FP5, and 9.7 before FP1 uses 0666 permissions for the STMM log file, which allows local users to cause a denial of service or have unspecified other impact by writing to this file.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.37% | 0.291 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.6 | 3.9 | 6.4 |
AV:L/AC:L/Au:N/C:P/I:P/A:P
|
ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT
ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v91/APARLIST.TXT
http://www-01.ibm.com/support/docview.wss?uid=swg21293566
ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v97/APARLIST.TXT
http://secunia.com/advisories/37759
http://www-01.ibm.com/support/docview.wss?uid=swg21412902
http://www.securityfocus.com/bid/37332
http://www.vupen.com/english/advisories/2009/3520
http://www-01.ibm.com/support/docview.wss?uid=swg1IC64019
http://www-01.ibm.com/support/docview.wss?uid=swg1IZ48106
http://www-01.ibm.com/support/docview.wss?uid=swg1IZ50355