7.2

CVE-2014-0907

Multiple untrusted search path vulnerabilities in unspecified (1) setuid and (2) setgid programs in IBM DB2 9.5, 9.7 before FP9a, 9.8, 10.1 before FP3a, and 10.5 before FP3a on Linux and UNIX allow local users to gain root privileges via a Trojan horse library.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
IbmDb2 Version9.5
IbmDb2 Version9.7
IbmDb2 Version9.7.0.1
IbmDb2 Version9.7.0.2
IbmDb2 Version9.7.0.3
IbmDb2 Version9.7.0.4
IbmDb2 Version9.7.0.5
IbmDb2 Version9.7.0.6
IbmDb2 Version9.7.0.7
IbmDb2 Version9.7.0.8
IbmDb2 Version9.7.0.9
IbmDb2 Version10.1
IbmDb2 Version10.1.0.1
IbmDb2 Version10.1.0.2
IbmDb2 Version10.1.0.3
IbmDb2 Version10.5
IbmDb2 Version10.5.0.1
IbmDb2 Version10.5.0.2
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.66% 0.466
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.2 3.9 10
AV:L/AC:L/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://www-01.ibm.com/support/docview.wss?uid=isg400001841
http://www-01.ibm.com/support/docview.wss?uid=isg400001843
http://www.ibm.com/support/docview.wss?uid=swg21610582#4
Vendor Advisory
http://packetstormsecurity.com/files/126940/IBM-DB2-Privilege-Escalation.html
http://seclists.org/fulldisclosure/2014/Jun/7
http://secunia.com/advisories/59451
http://secunia.com/advisories/59463
http://secunia.com/advisories/60482
http://www-01.ibm.com/support/docview.wss?uid=swg1IT00627
http://www-01.ibm.com/support/docview.wss?uid=swg1IT00684
http://www-01.ibm.com/support/docview.wss?uid=swg1IT00685
http://www-01.ibm.com/support/docview.wss?uid=swg1IT00686
http://www-01.ibm.com/support/docview.wss?uid=swg1IT00687
http://www-01.ibm.com/support/docview.wss?uid=swg21680454
http://www-304.ibm.com/support/docview.wss?uid=swg21676135
http://www.ibm.com/support/docview.wss?uid=swg1IT00686
http://www.ibm.com/support/docview.wss?uid=swg21672100
Vendor Advisory
http://www.securityfocus.com/bid/67617
http://www.securitytracker.com/id/1030670
http://www.securitytracker.com/id/1030671
https://exchange.xforce.ibmcloud.com/vulnerabilities/91869
https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-0907/