The Engine Utilities component in IBM DB2 UDB 9.5 before FP6a uses world-writable permissions for the sqllib/cfg/db2sprf file, which might allow local users to gain privileges by modifying this file.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm db2 9.5 |