Lucene search
HistorySep 25, 2012 - 8:55 p.m.
CVE-2012-3324
cve-2012-3324
nvd
utl_file module
ibm db2
db2 connect
directory traversal
windows
authenticated users
file modification
file deletion
file reading
9 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:S/C:C/I:C/A:C
8.5 High
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
60.7%
Directory traversal vulnerability in the UTL_FILE module in IBM DB2 and DB2 Connect 10.1 before FP1 on Windows allows remote authenticated users to modify, delete, or read arbitrary files via a pathname in the file field.
Affected configurations
Node
ibmdb2
ORibmdb2_connectMatch10.1
microsoftwindows_2000
ORmicrosoftwindows_2003_server
ORmicrosoftwindows_7
ORmicrosoftwindows_server_2008
ORmicrosoftwindows_vista
ORmicrosoftwindows_xp
| CPE | Name | Operator | Version |
|---|---|---|---|
| ibm:db2 | ibm db2 | eq | * |
| ibm:db2_connect | ibm db2 connect | eq | 10.1 |
Related
nvd
nvd
CVE-2012-3324
2012-09-25 20:55:01
prion
prion
Directory traversal
2012-09-25 20:55:00
openvas
openvas
IBM Db2 UTL_FILE Module Directory Traversal Vulnerability - Windows
2012-09-27 00:00:00
ubuntucve
ubuntucve
CVE-2012-3324
2012-09-25 00:00:00
cvelist
cvelist
CVE-2012-3324
2012-09-25 20:00:00
ibm
ibm
nessus
nessus
IBM DB2 10.1 < Fix Pack 1 Multiple Vulnerabilities
2012-09-28 00:00:00
9 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:S/C:C/I:C/A:C
8.5 High
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
60.7%
Related for CVE-2012-3324