CVE-2003-0898

IBM DB2 7.2 before FixPak 10a, and earlier versions including 7.1, allows local users to overwrite arbitrary files and gain privileges via a symlink attack on 1 db2job and 2 db2job2...

CVE-2003-0898

Affected software: IBM DB2 7.2 prior to FixPak 10a, and older versions including 7.1. Vulnerability: local users can overwrite arbitrary files and escalate privileges via a symlink attack on the db2job and db2job2 utilities. Root cause: insufficient access control around symbolic links leading to...