CVE-2010-3194

critical

Description

The DB2DART program in IBM DB2 9.1 before FP9, 9.5 before FP6, and 9.7 before FP2 allows attackers to bypass intended file access restrictions via unspecified vectors related to overwriting files owned by an instance owner.

References

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13841

https://exchange.xforce.ibmcloud.com/vulnerabilities/61445

http://www.vupen.com/english/advisories/2010/2225

http://www-01.ibm.com/support/docview.wss?uid=swg21432298

http://www-01.ibm.com/support/docview.wss?uid=swg21426108

http://www-01.ibm.com/support/docview.wss?uid=swg1IC65762

http://www-01.ibm.com/support/docview.wss?uid=swg1IC65756

http://www-01.ibm.com/support/docview.wss?uid=swg1IC65749

http://secunia.com/advisories/41218

Details

Source: Mitre, NVD

Published: 2010-08-31

Updated: 2017-09-19

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 9.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Severity: Critical

Detections

Analytics