Race Condition Vulnerabilities in IBM DB2 UDB by IBM
CVE-2007-4270

Currently unrated

Key Information:

Vendor: IBM
Status: Db2 Universal Database
Vendor: CVE Published:; 18 August 2007

What is CVE-2007-4270?

Multiple race condition vulnerabilities exist in IBM DB2 Universal Database versions prior to specific Fixpaks. These vulnerabilities are exploitable by local users who can perform a symlink attack on certain files, potentially allowing them to escalate their privileges to root. This can lead to unauthorized access and manipulation of critical database resources, underscoring the importance of applying the latest patches and updates to mitigate these security risks.

References

http://www-1.ibm.com/support/docview.wss?uid=swg21255607

x_refsource_CONFIRM

http://www.attrition.org/pipermail/vim/2007-August/001765...

mailing-listx_refsource_VIM

http://www.vupen.com/english/advisories/2007/2912

vdb-entryx_refsource_VUPEN

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 18, 2007
Vulnerability Reserved
Aug 9, 2007