Lucene search

K

MitreCVELIST:CVE-2009-4334

HistoryOct 03, 2022 - 4:24 p.m.

CVE-2009-4334

2022-10-0316:24:03

mitre

www.cve.org

ibm db2

stmm

permissions

denial of service

6.4 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

The Self Tuning Memory Manager (STMM) component in IBM DB2 9.1 before FP8, 9.5 before FP5, and 9.7 before FP1 uses 0666 permissions for the STMM log file, which allows local users to cause a denial of service or have unspecified other impact by writing to this file.

References

ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v91/APARLIST.TXT

ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT

ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v97/APARLIST.TXT

secunia.com/advisories/37759

www-01.ibm.com/support/docview.wss?uid=swg1IC64019

www-01.ibm.com/support/docview.wss?uid=swg1IZ48106

www-01.ibm.com/support/docview.wss?uid=swg1IZ50355

www-01.ibm.com/support/docview.wss?uid=swg21293566

www-01.ibm.com/support/docview.wss?uid=swg21412902

www.securityfocus.com/bid/37332

www.vupen.com/english/advisories/2009/3520

6.4 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

Related for CVELIST:CVE-2009-4334

cve1 prion1 nvd1 openvas4 nessus1