Back to search
CVE-2014-0907
Published: May 30, 2014
Modified: Aug 6, 2024
PUBLISHED
Description
Multiple untrusted search path vulnerabilities in unspecified (1) setuid and (2) setgid programs in IBM DB2 9.5, 9.7 before FP9a, 9.8, 10.1 before FP3a, and 10.5 before FP3a on Linux and UNIX allow local users to gain root privileges via a Trojan horse library.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
20140603 CVE-2014-0907 - SetUID/SetGID Programs Allow Privilege Escalation Via Insecure RPATH In IBM DB2
mailing-list
x_refsource_FULLDISC
http://www-304.ibm.com/support/docview.wss?uid=swg21676135
x_refsource_CONFIRM
IT00686
vendor-advisory
x_refsource_AIXAPAR
http://www.ibm.com/support/docview.wss?uid=swg1IT00686
x_refsource_CONFIRM
http://www.ibm.com/support/docview.wss?uid=swg21672100
x_refsource_CONFIRM
http://www-01.ibm.com/support/docview.wss?uid=isg400001843
x_refsource_CONFIRM
59463
third-party-advisory
x_refsource_SECUNIA
http://www-01.ibm.com/support/docview.wss?uid=isg400001841
x_refsource_CONFIRM
http://www.ibm.com/support/docview.wss?uid=swg21610582#4
x_refsource_CONFIRM
1030670
vdb-entry
x_refsource_SECTRACK
67617
vdb-entry
x_refsource_BID
IT00685
vendor-advisory
x_refsource_AIXAPAR
http://www-01.ibm.com/support/docview.wss?uid=swg21680454
x_refsource_CONFIRM
1030671
vdb-entry
x_refsource_SECTRACK
ibm-cve20140907-priv-escalation(91869)
vdb-entry
x_refsource_XF
60482
third-party-advisory
x_refsource_SECUNIA
59451
third-party-advisory
x_refsource_SECUNIA
IT00687
vendor-advisory
x_refsource_AIXAPAR
IT00684
vendor-advisory
x_refsource_AIXAPAR
IT00627
vendor-advisory
x_refsource_AIXAPAR
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now