The Base Service Utilities component in IBM DB2 9.1 before Fixpak 5 retains a cleartext password in memory after the database connection that sent the password is fully established, which might allow local users to obtain sensitive information by reading a memory dump.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm db2 universal database 9.1 |