VRDA Feed by JPCERT/CC
  Vulnerability Response Decision Assistance Feed : Information for vulnerability impact analysis
[ about VRDA Feed | JPCERT/CC



 
Vulnerability Analysis Result (Revision No : 1) [ Download XML
CVE-2010-3194
db2: The DB2DART program in IBM DB2 9.1 before FP9, 9.5 ...
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3194

Original

The DB2DART program in IBM DB2 9.1 before FP9, 9.5 before FP6, and 9.7 before FP2 allows attackers to bypass intended file access restrictions via unspecified vectors related to overwriting files owned by an instance owner.

Translation   (Show)





About This Analysis Information
Analysis Information Provider:
NIST NVD
First Published:
2010-08-31
Source Information Category:
Advisory, Alert
Last Updated:
2010-09-01




Affected Product Tags
cpe:/a:ibm:db2:9.1
cpe:/a:ibm:db2:9.1:fp1
cpe:/a:ibm:db2:9.1:fp2
cpe:/a:ibm:db2:9.1:fp2a
cpe:/a:ibm:db2:9.1:fp3
cpe:/a:ibm:db2:9.1:fp3a
cpe:/a:ibm:db2:9.1:fp4
cpe:/a:ibm:db2:9.1:fp4a
cpe:/a:ibm:db2:9.1:fp5
cpe:/a:ibm:db2:9.1:fp6
cpe:/a:ibm:db2:9.1:fp6a
cpe:/a:ibm:db2:9.1:fp7
cpe:/a:ibm:db2:9.1:fp7a
cpe:/a:ibm:db2:9.1:fp8
cpe:/a:ibm:db2:9.5
cpe:/a:ibm:db2:9.5:fp1
cpe:/a:ibm:db2:9.5:fp2
cpe:/a:ibm:db2:9.5:fp2a
cpe:/a:ibm:db2:9.5:fp3
cpe:/a:ibm:db2:9.5:fp3a
cpe:/a:ibm:db2:9.5:fp3b
cpe:/a:ibm:db2:9.5:fp4
cpe:/a:ibm:db2:9.5:fp4a
cpe:/a:ibm:db2:9.5:fp5
cpe:/a:ibm:db2:9.7
cpe:/a:ibm:db2:9.7:fp1
 


Vulnerability Analysis Results
[Access Vector]  [?]
Undefined [?]

Local [?]
Adjacent Network [?]
X Network [?]
[Access Complexit]  [?]
Undefined [?]

High [?]
Medium [?]
X Low [?]
[Authentication]  [?]
Undefined [?]

Multiple [?]
Single [?]
X None [?]
[Confidentiality Impact]  [?]
Undefined [?]

None [?]
X Partial [?]
Complete [?]
[Integrity Impact]  [?]
Undefined [?]

None [?]
X Partial [?]
Complete [?]
[Availability Impact]  [?]
Undefined [?]

None [?]
X Partial [?]
Complete [?]
Alternatives




References
AIXAPAR IC65762




AIXAPAR IC65756




AIXAPAR IC65749




CONFIRM http://www-01.ibm.com/support/docview.wss?uid=swg21432298




CONFIRM http://www-01.ibm.com/support/docview.wss?uid=swg21426108




SECUNIA 41218




VUPEN ADV-2010-2225




Vulnerability Type Permissions, Privileges, and Access Control (CWE-264)




XF db2-db2dart-priv-escalation(61445)




Copyright © 2010 JPCERT/CC All Rights Reserved.