CVE-2007-5757

Currently unrated

Key Information:

Vendor: IBM
Status: Db2 Universal Database
Vendor: CVE Published:; 13 February 2008

Summary

Untrusted search path vulnerability in db2pd in IBM DB2 Universal Database (UDB) 8 before FixPak 16 and 9 before Fix Pack 4 allows local users to gain root privileges via a modified DB2INSTANCE environment variable that points to a malicious library. NOTE: this might be the same issue as CVE-2008-0697.

References

ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-...

x_refsource_CONFIRM

http://securitytracker.com/id?1019319

vdb-entryx_refsource_SECTRACK

http://labs.idefense.com/intelligence/vulnerabilities/dis...

third-party-advisoryx_refsource_IDEFENSE

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Feb 13, 2008