CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
AI Score
Confidence
Low
EPSS
Percentile
82.3%
Directory traversal vulnerability in the SQLJ.DB2_INSTALL_JAR stored procedure in IBM DB2 9.1 before FP12, 9.5 through FP9, 9.7 through FP6, 9.8 through FP5, and 10.1 allows remote attackers to replace JAR files via unspecified vectors.
Vendor | Product | Version | CPE |
---|---|---|---|
ibm | db2 | 9.1 | cpe:2.3:a:ibm:db2:9.1:*:*:*:*:*:*:* |
ibm | db2 | 9.1.0.1 | cpe:2.3:a:ibm:db2:9.1.0.1:*:*:*:*:*:*:* |
ibm | db2 | 9.1.0.2 | cpe:2.3:a:ibm:db2:9.1.0.2:*:*:*:*:*:*:* |
ibm | db2 | 9.1.0.2 | cpe:2.3:a:ibm:db2:9.1.0.2:a:*:*:*:*:*:* |
ibm | db2 | 9.1.0.3 | cpe:2.3:a:ibm:db2:9.1.0.3:*:*:*:*:*:*:* |
ibm | db2 | 9.1.0.3 | cpe:2.3:a:ibm:db2:9.1.0.3:a:*:*:*:*:*:* |
ibm | db2 | 9.1.0.4 | cpe:2.3:a:ibm:db2:9.1.0.4:*:*:*:*:*:*:* |
ibm | db2 | 9.1.0.4 | cpe:2.3:a:ibm:db2:9.1.0.4:a:*:*:*:*:*:* |
ibm | db2 | 9.1.0.5 | cpe:2.3:a:ibm:db2:9.1.0.5:*:*:*:*:*:*:* |
ibm | db2 | 9.1.0.6 | cpe:2.3:a:ibm:db2:9.1.0.6:*:*:*:*:*:*:* |
secunia.com/advisories/49919
www-01.ibm.com/support/docview.wss?uid=swg1IC84019
www-01.ibm.com/support/docview.wss?uid=swg1IC84711
www-01.ibm.com/support/docview.wss?uid=swg1IC84714
www-01.ibm.com/support/docview.wss?uid=swg1IC84715
www-01.ibm.com/support/docview.wss?uid=swg1IC84716
www-01.ibm.com/support/docview.wss?uid=swg21600837
www.securityfocus.com/bid/54487