Vulnerabilities > CVE-2007-1089 - Local Security vulnerability in IBM DB2 Universal Database 8.0/9.1

CVSS 7.2 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

local

low complexity

linux

microsoft

ibm

NVD

Published: 2007-02-23

Updated: 2018-10-30

Summary

IBM DB2 Universal Database (UDB) 9.1 GA through 9.1 FP1 allows local users with table SELECT privileges to perform unauthorized UPDATE and DELETE SQL commands via unknown vectors.

Vulnerable Configurations

Part	Description	Count
OS	Linux Linux Linux Kernel 2.6.18.0 Linux Linux Kernel 2.6.18.1 Linux Linux Kernel 2.6.18.2 Linux Linux Kernel 2.6.18.3 Linux Linux Kernel 2.6.18.4 Linux Linux Kernel 2.6.18.5 Linux Linux Kernel 2.6.18.6 Linux Linux Kernel 2.6.18.7 Linux Linux Kernel 2.6.19 Linux Linux Kernel 2.6.19.1 Linux Linux Kernel 2.6.19.2 Linux Linux Kernel 2.6.19.3 Linux Linux Kernel 2.6.19.4 Linux Linux Kernel 2.6.20 Linux Linux Kernel 2.6.20.1	15
OS	Microsoft Microsoft Windows XP *	1
Application	Ibm IBM DB2 Universal Database 8.0 IBM DB2 Universal Database 9.1	2

Summary

Vulnerable Configurations

References