CVE-2018-1781

Sažetak

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 could allow a local user to obtain root access by exploiting a symbolic link attack to read/write/corrupt a file that they originally did not have permission to access. IBM X-Force ID: 148804.

Reference

http://www.ibm.com/support/docview.wss?uid=ibm10733939
http://www.securityfocus.com/bid/105885
http://www.securitytracker.com/id/1042086
https://exchange.xforce.ibmcloud.com/vulnerabilities/148804

CVSS

Base:	7.2
Impact:	10.0
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:L/AC:L/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

09-10-2019 - 23:39

Objavljeno

09-11-2018 - 01:29