Back to search
CVE-2007-5757
Published: Feb 12, 2008
Modified: Sep 16, 2024
PUBLISHED
Description
Untrusted search path vulnerability in db2pd in IBM DB2 Universal Database (UDB) 8 before FixPak 16 and 9 before Fix Pack 4 allows local users to gain root privileges via a modified DB2INSTANCE environment variable that points to a malicious library. NOTE: this might be the same issue as CVE-2008-0697.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
1019319
vdb-entry
x_refsource_SECTRACK
20080207 IBM DB2 Universal Database db2pd Arbitrary Library Loading Vulnerability
third-party-advisory
x_refsource_IDEFENSE
IZ03546
vendor-advisory
x_refsource_AIXAPAR
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now