CVE-2012-2194

medium

Description

Directory traversal vulnerability in the SQLJ.DB2_INSTALL_JAR stored procedure in IBM DB2 9.1 before FP12, 9.5 through FP9, 9.7 through FP6, 9.8 through FP5, and 10.1 allows remote attackers to replace JAR files via unspecified vectors.

References

http://www.securityfocus.com/bid/54487

http://www-01.ibm.com/support/docview.wss?uid=swg21600837

http://www-01.ibm.com/support/docview.wss?uid=swg1IC84716

http://www-01.ibm.com/support/docview.wss?uid=swg1IC84715

http://www-01.ibm.com/support/docview.wss?uid=swg1IC84714

http://www-01.ibm.com/support/docview.wss?uid=swg1IC84711

http://www-01.ibm.com/support/docview.wss?uid=swg1IC84019

http://secunia.com/advisories/49919

Details

Source: Mitre, NVD

Published: 2012-07-25

Updated: 2017-12-22

Risk Information

CVSS v2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N

Severity: Medium

Detections

Analytics