Orange Business Services
Vigil@nce Vigil@nce Vigil@nce
we track for your security since 1999
  home presentation vulnerabilities documentation contact  
subscriber area subscriber area
free access free access
The Vigil@nce team watches vulnerabilities impacting your computers, and then offers solutions, a database and tools to correct them.
recent vulnerabilities recent vulnerabilities
tracked products tracked products
RSS feed RSS feed
vulnerability

vulnerability note CVE-2012-0710

IBM DB2 9.8: three vulnerabilities

Synthesis of the vulnerability

An attacker can use three vulnerabilities of IBM DB2, in order to create a denial of service or to elevate his privileges.
Impacted products: DB2 UDB.
Severity: 2/4.
Creation date: 01/06/2012.
Identifiers: 21588090, CVE-2012-0710, IC69495, IC76781, IC76899, IC76901, IC76902, IC77539, swg21455035, VIGILANCE-VUL-11669.

Description of the vulnerability

Three vulnerabilities were announced in IBM DB2.

After a migration from version 9.5, HA scripts have incorrect permissions. [severity:2/4; IC77539]

Administrative monitoring views in the SYSIBMADM schema are public. [severity:1/4; IC69495]

A remote attacker can create a denial of service. [severity:2/4; 21588090, CVE-2012-0710, IC76781, IC76899, IC76901, IC76902]
Complete Vigil@nce bulletin.... (free access)

Share this bulletin

Delicious Digg Facebook Google bookmarks LinkedIn Mail Reddit StumbleUpon Technorati Twitter 

Computer vulnerabilities tracking service

Vigil@nce provides a software vulnerability watch. The Vigil@nce vulnerability database contains several thousand vulnerabilities. The Vigil@nce computer vulnerability tracking service alerts your teams of vulnerabilities or threats impacting your information system. The Vigil@nce security watch publishes vulnerability bulletins about threats impacting the information system.



















Copyright 1999-2013 Vigil@nce. Vigil@nce is a service from Orange Business Services. Site map. Legal notice. Version française