NVD

Id
56401  
Name
CVE-2007-4273  
Description
IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allows local users to create arbitrary directories and execute arbitrary code via a "crafted localized message file" that enables a format string attack, possibly involving the (1) OSSEMEMDBG or (2) TRC_LOG_FILE environment variable in db2licd (db2licm).  
Reject
 
CVSS Version
2  
CVSS Score
4.6  
Severity
Medium  
CVSS Base Score
4.6  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
3.9  
CVSS Vector
(AV:L/AC:L/Au:N/C:P/I:P/A:P)  
Pub Date
2017-01-07  
Published
2007-08-18  
Modified Date
2011-03-07  
Seq
2007-4273  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
287265 56401 CVE-2007-4273 20070816 IBM DB2 Universal Database Directory Creation Vulnerability  View
287266 56401 CVE-2007-4273 1018581  View
287267 56401 CVE-2007-4273 IY98011  View
287268 56401 CVE-2007-4273 IY98101  View
287269 56401 CVE-2007-4273 http://www-1.ibm.com/support/docview.wss?uid=swg21255352  View
287270 56401 CVE-2007-4273 http://www-1.ibm.com/support/docview.wss?uid=swg21255607  View
287271 56401 CVE-2007-4273 [VIM] 20070821 Recent DB2 Vulnerabilities  View
287272 56401 CVE-2007-4273 25339  View
287273 56401 CVE-2007-4273 ADV-2007-2912  View
287274 56401 CVE-2007-4273 db2-message-file-format-string(36106)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
55566 JVNDB-2007-004258 IBM DB2 UDB における任意のコードを実行される脆弱性 IBM DB2 UDB には、任意のディレクトリを作成される、および任意のコードを実行される脆弱性が存在します。 CVE-2007-4273 27628 CVE-2007-4273 56401 4.6 http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-004258.html 2007-08-18 2012-09-25 View