IBM DB2 7.2 before FixPak 10a, and previous versions versions including 7.1, allows local users to overwrite arbitrary files and gain privileges via a symlink attack on (1) db2job and (2) db2job2.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm db2 universal database |
||
ibm db2 universal database 7.1 |