CVE-2007-6049

Properties

Published:
19.11.2007
Updated:
22.11.2007
Patch available:
Severity:
High
CVSS vector:
(AV:L/AC:L/Au:N/C:C/I:C/A:C)
Product:
IBM: DB2 Universal Database

Vulnerability description

Unspecified vulnerability in the SSL LOAD GSKIT action in IBM DB2 UDB 9.1 before Fixpak 4 has unknown impact and attack vectors, involving a call to dlopen when the effective uid is root.

References:

http://www-1.ibm.com/support/docview.wss?uid=swg21255607: http://www-1.ibm.com/support/docview.wss?uid=swg21255607
AIXAPAR: http://www-1.ibm.com/support/docview.wss?uid=swg1IZ05461
BID: http://www.securityfocus.com/bid/26450
FRSIRT: http://www.frsirt.com/english/advisories/2007/3867
SECUNIA: http://secunia.com/advisories/27667