Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-3324

Overview

Vulnerability Score 9.0 9.0
CVE Id CVE-2012-3324
Last Modified 26 Sep 2012 12:00:00
Published 25 Sep 2012 04:55:01
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2012-3324

Summary

Directory traversal vulnerability in the UTL_FILE module in IBM DB2 and DB2 Connect 10.1 before FP1 on Windows allows remote authenticated users to modify, delete, or read arbitrary files via a pathname in the file field.

Vulnerable Systems

Application

  • Ibm Db2

  • Ibm Db2 Connect 10.1


References

XF - db2-utlfile-dir-traversal(77924)

CONFIRM - http://www-01.ibm.com/support/docview.wss?uid=swg21611040

AIXAPAR - IC85513


Last Updated: 27 May 2016 11:00:48