Detections
Analytics

CVE-2014-0907

high

Description

Multiple untrusted search path vulnerabilities in unspecified (1) setuid and (2) setgid programs in IBM DB2 9.5, 9.7 before FP9a, 9.8, 10.1 before FP3a, and 10.5 before FP3a on Linux and UNIX allow local users to gain root privileges via a Trojan horse library.

References

https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-0907/

https://exchange.xforce.ibmcloud.com/vulnerabilities/91869

http://www.securitytracker.com/id/1030671

http://www.securitytracker.com/id/1030670

http://www.securityfocus.com/bid/67617

http://www.ibm.com/support/docview.wss?uid=swg21672100

http://www.ibm.com/support/docview.wss?uid=swg21610582#4

http://www.ibm.com/support/docview.wss?uid=swg1IT00686

http://www-304.ibm.com/support/docview.wss?uid=swg21676135

http://www-01.ibm.com/support/docview.wss?uid=swg21680454

http://www-01.ibm.com/support/docview.wss?uid=swg1IT00687

http://www-01.ibm.com/support/docview.wss?uid=swg1IT00686

http://www-01.ibm.com/support/docview.wss?uid=swg1IT00685

http://www-01.ibm.com/support/docview.wss?uid=swg1IT00684

http://www-01.ibm.com/support/docview.wss?uid=swg1IT00627

http://www-01.ibm.com/support/docview.wss?uid=isg400001843

http://www-01.ibm.com/support/docview.wss?uid=isg400001841

http://secunia.com/advisories/60482

http://secunia.com/advisories/59463

http://secunia.com/advisories/59451

http://seclists.org/fulldisclosure/2014/Jun/7

http://packetstormsecurity.com/files/126940/IBM-DB2-Privilege-Escalation.html

Details

Source: Mitre, NVD

Published: 2014-05-30

Updated: 2017-08-29

Risk Information

CVSS v2

Base Score: 7.2

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High