SSL Load Action Vulnerability in IBM DB2 UDB by IBM
CVE-2007-6049

Currently unrated

Key Information:

Vendor: IBM
Status: Db2 Universal Database
Vendor: CVE Published:; 20 November 2007

Summary

An unspecified vulnerability exists within the SSL LOAD GSKIT action in IBM DB2 UDB 9.1 prior to Fixpak 4. This vulnerability can be triggered by a call to dlopen while the effective user ID is root, potentially allowing unauthorized access or manipulation. The specific impacts and attack vectors remain unknown, highlighting the need for users to stay updated with the latest patches and security advisories.

References

http://www-1.ibm.com/support/docview.wss?uid=swg21255607

x_refsource_CONFIRM

http://www.vupen.com/english/advisories/2007/3867

vdb-entryx_refsource_VUPEN

http://osvdb.org/41013

vdb-entryx_refsource_OSVDB

Timeline

Vulnerability published
Nov 20, 2007
Vulnerability Reserved
Nov 20, 2007