IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 could allow a local db2 instance owner to obtain root access by exploiting a symbolic link attack to read/write/corrupt a file that they originally did not have permission to access. IBM X-Force ID: 148803.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm db2 10.1 |
||
ibm db2 11.1 |
||
ibm db2 9.7 |
||
ibm db2 10.5 |