IBM DB2 High Performance Unload load for LUW 6.1 and 6.5 could allow a local attacker to execute arbitrary code on the system, caused by an untrusted search path vulnerability. By using a executable file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 168298.
References
Link | Resource |
---|---|
https://www.ibm.com/support/pages/node/1128063 | Vendor Advisory |
https://exchange.xforce.ibmcloud.com/vulnerabilities/168298 | VDB Entry Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Information
Published : 2019-12-12 09:15
Updated : 2019-12-16 10:39
NVD link : CVE-2019-4606
Mitre link : CVE-2019-4606
JSON object : View
CWE
CWE-426
Untrusted Search Path
Products Affected
ibm
- db2_high_performance_unload_load
microsoft
- windows
linux
- linux_kernel
opengroup
- unix