CVE-2014-0907
Published May 30, 2014
Last updated 7 years ago
Overview
- Description
- Multiple untrusted search path vulnerabilities in unspecified (1) setuid and (2) setgid programs in IBM DB2 9.5, 9.7 before FP9a, 9.8, 10.1 before FP3a, and 10.5 before FP3a on Linux and UNIX allow local users to gain root privileges via a Trojan horse library.
- Source
- psirt@us.ibm.com
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 7.2
- Impact score
- 10
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Evaluator
- Comment
- Per http://cwe.mitre.org/data/definitions/426.html "CWE-426: Untrusted Search Path"
- Impact
- -
- Solution
- -
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:db2:9.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "11ABF7CC-2FA5-4F2D-901A-2D0EF5B8E717"
},
{
"criteria": "cpe:2.3:a:ibm:db2:9.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CE1C4DE6-EB32-4A31-9FAA-D8DA31D8CF05"
},
{
"criteria": "cpe:2.3:a:ibm:db2:9.7.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A8A8E221-7045-4BAD-9B29-ABBC5216559D"
},
{
"criteria": "cpe:2.3:a:ibm:db2:9.7.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "56C39DC1-AD23-4F26-9727-EC0FBDF84BEE"
},
{
"criteria": "cpe:2.3:a:ibm:db2:9.7.0.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2513D42C-E558-4CC7-88D3-BB44F1B40157"
},
{
"criteria": "cpe:2.3:a:ibm:db2:9.7.0.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6F441BE8-AEC0-44F0-875E-03C65A45CF68"
},
{
"criteria": "cpe:2.3:a:ibm:db2:9.7.0.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "036E9715-CFAA-4F2A-B432-181EDCA3D812"
},
{
"criteria": "cpe:2.3:a:ibm:db2:9.7.0.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9A55FBA0-4DFC-493D-91EF-EB56C241F9CE"
},
{
"criteria": "cpe:2.3:a:ibm:db2:9.7.0.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B539123F-B8AC-4051-9458-A780C68E9667"
},
{
"criteria": "cpe:2.3:a:ibm:db2:9.7.0.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D3958E50-1F97-4C06-AF22-C635FB2557A0"
},
{
"criteria": "cpe:2.3:a:ibm:db2:9.7.0.9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "57AC4D14-805A-42F6-9348-D13C9A48136F"
},
{
"criteria": "cpe:2.3:a:ibm:db2:10.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2952EB24-A015-4EC7-85E3-88588D0AB15B"
},
{
"criteria": "cpe:2.3:a:ibm:db2:10.1.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E5FA4086-9B5D-4352-B717-3F826DE17D4B"
},
{
"criteria": "cpe:2.3:a:ibm:db2:10.1.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AD79FF24-6C10-437B-86AF-E211B8C6FDC5"
},
{
"criteria": "cpe:2.3:a:ibm:db2:10.1.0.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7ABB145C-44EE-47F5-9439-DE6433F8008E"
},
{
"criteria": "cpe:2.3:a:ibm:db2:10.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6E232F83-BE4C-4B3E-A5B1-53F9D95F0368"
},
{
"criteria": "cpe:2.3:a:ibm:db2:10.5.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4B27E1F7-888C-40EE-85FF-B5DC099828C3"
},
{
"criteria": "cpe:2.3:a:ibm:db2:10.5.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "57DCF076-B475-41E6-B1ED-44FBC99238C2"
}
],
"operator": "OR"
}
]
}
]