IBM Security Bulletin: IBM® DB2® contains a file disclosure vulnerability in the database automated maintenance feature (CVE-2015-1883)
|
System information
|
| |
|
|
Affected software |
IBM |
Description
|
IBM DB2 contains a file disclosure vulnerability in the database automated maintenance feature. A remote, authenticated DB2 user with elevated privilege could exploit this vulnerability by manipulating an automated maintenance policy stored procedure to view any files owned by the DB2 fenced ID on Unix/Linux or Windows administrator on Windows CVE(s): CVE-2015-1883 Affected product(s) and affected version(s): All fix pack levels of IBM DB2 V9.7, V10.1 and V10.5 editions listed below
More info:
https://www-304.ibm.com/connections/blogs/PSIRT/entry/ibm_security_bulletin_ibm_db2_contains_a_file_disclosure_vulnerability_in_the_database_automated_maintenance_feature_cve_2015_18831?lang=en_us |
Standar resources
|
|
Property |
Value |
|
CVE |
CVE-2015-1883 ,CVE-2014-6593 ,CVE-2015-0410 ,CVE-2014-9494 and CVE-2014-8910. |
