Security Bulletin: IBM DB2 Security Vulnerability in the UTL_FILE module (CVE-2012-3324).

Abstract Vulnerability in IBM DB2 could allow an authenticated user, without proper authorization, to view, modify and delete any file. Content VULNERABILITY DETAILS CVE ID: CVE-2012-3324 DESCRIPTION: The IBM DB2 products listed below contain a security vulnerability that could allow an...

Security Bulletin: IBM Security Guardium is affected by Using Components with Known Vulnerabilities vulnerability

Summary IBM Security Guardium has addressed the following vulnerabilities Vulnerability Details CVEID: CVE-2012-3324 DESCRIPTION: IBM DB2, when running on Microsft Windows, could allow a remote authenticated attacker to traverse directories on the system, caused by improper validation of...

IBM DB2 10.1 < Fix Pack 1 Multiple Vulnerabilities

According to its version, the installation of DB2 10.1 running on the remote host is affected by one or more of the following issues : - An error exists in the stored procedure 'SQLJ.DB2INSTALLJAR' that can allow unauthorized replacement of Jar files. Note this vulnerability only affects the...

CVE-2012-3324

IBM DB2 on Windows (DB2 10.1 and DB2 Connect 10.1) is affected by a directory traversal vulnerability in the UTL_FILE module. The issue arises from how file names are processed, allowing a remote authenticated user to view, modify, or delete arbitrary files outside the intended directory via a cr...