Lucene search

Ubuntu.comUB:CVE-2012-2194

HistoryJul 25, 2012 - 12:00 a.m.

CVE-2012-2194

2012-07-2500:00:00

ubuntu.com

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.009 Low

EPSS

Percentile

82.3%

JSON

Directory traversal vulnerability in the SQLJ.DB2_INSTALL_JAR stored
procedure in IBM DB2 9.1 before FP12, 9.5 through FP9, 9.7 through FP6, 9.8
through FP5, and 10.1 allows remote attackers to replace JAR files via
unspecified vectors.

Notes

Author	Note
tyhicks	A fix pack for 9.7 is not yet available as of 2012-07-25

References

www-01.ibm.com/support/docview.wss?uid=swg1IC84019

www-01.ibm.com/support/docview.wss?uid=swg1IC84711

www-01.ibm.com/support/docview.wss?uid=swg1IC84714

www-01.ibm.com/support/docview.wss?uid=swg1IC84715

www-01.ibm.com/support/docview.wss?uid=swg1IC84716

www-01.ibm.com/support/docview.wss?uid=swg21600837

launchpad.net/bugs/cve/CVE-2012-2194

nvd.nist.gov/vuln/detail/CVE-2012-2194

security-tracker.debian.org/tracker/CVE-2012-2194

www.cve.org/CVERecord?id=CVE-2012-2194

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.009 Low

EPSS

Percentile

82.3%

JSON

Related for UB:CVE-2012-2194