CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
EPSS
Percentile
25.6%
Multiple untrusted search path vulnerabilities in (1) db2rspgn and (2)
kbbacf1 in IBM DB2 Express Edition 9.7, as used in the IBM Tivoli
Monitoring for Databases: DB2 Agent, allow local users to gain privileges
via a Trojan horse libkbb.so in the current working directory, related to
the DT_RPATH ELF header.
Author | Note |
---|---|
tyhicks | Fixed in 9.7 FP6 |