Lucene search

[email protected]CVE-2010-3194

HistoryAug 31, 2010 - 10:00 p.m.

CVE-2010-3194

2010-08-3122:00:02

CWE-264

[email protected]

web.nvd.nist.gov

ibm db2

db2dart

file access restriction

vulnerability

security

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.3 Medium

AI Score

Confidence

Low

0.009 Low

EPSS

Percentile

82.7%

JSON

The DB2DART program in IBM DB2 9.1 before FP9, 9.5 before FP6, and 9.7 before FP2 allows attackers to bypass intended file access restrictions via unspecified vectors related to overwriting files owned by an instance owner.

Affected configurations

NVD

Node

ibmdb2Match9.1

ibmdb2Match9.1fp1

ibmdb2Match9.1fp2

ibmdb2Match9.1fp2a

ibmdb2Match9.1fp3

ibmdb2Match9.1fp3a

ibmdb2Match9.1fp4

ibmdb2Match9.1fp4a

ibmdb2Match9.1fp5

ibmdb2Match9.1fp6

ibmdb2Match9.1fp6a

ibmdb2Match9.1fp7

ibmdb2Match9.1fp7a

ibmdb2Match9.1fp8

Node

ibmdb2Match9.5

ibmdb2Match9.5fp1

ibmdb2Match9.5fp2

ibmdb2Match9.5fp2a

ibmdb2Match9.5fp3

ibmdb2Match9.5fp3a

ibmdb2Match9.5fp3b

ibmdb2Match9.5fp4

ibmdb2Match9.5fp4a

ibmdb2Match9.5fp5

ibmdb2Match9.7

ibmdb2Match9.7fp1

CPENameOperatorVersion
ibm:db2ibm db2eq9.1

CPE	Name	Operator	Version
ibm:db2	ibm db2	eq	9.1

References

ftp://public.dhe.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT

secunia.com/advisories/41218

www-01.ibm.com/support/docview.wss?uid=swg1IC65749

www-01.ibm.com/support/docview.wss?uid=swg1IC65756

www-01.ibm.com/support/docview.wss?uid=swg1IC65762

www-01.ibm.com/support/docview.wss?uid=swg21426108

www-01.ibm.com/support/docview.wss?uid=swg21432298

www.vupen.com/english/advisories/2010/2225

exchange.xforce.ibmcloud.com/vulnerabilities/61445

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13841

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.3 Medium

AI Score

Confidence

Low

0.009 Low

EPSS

Percentile

82.7%

JSON

Related for CVE-2010-3194

prion1 cvelist1 nvd1 openvas2 nessus3