CVE-2012-2194
Published: 25 July 2012
Directory traversal vulnerability in the SQLJ.DB2_INSTALL_JAR stored procedure in IBM DB2 9.1 before FP12, 9.5 through FP9, 9.7 through FP6, 9.8 through FP5, and 10.1 allows remote attackers to replace JAR files via unspecified vectors.
Notes
Author | Note |
---|---|
tyhicks | A fix pack for 9.7 is not yet available as of 2012-07-25 |
Priority
Status
Package | Release | Status |
---|---|---|
db2exc Launchpad, Ubuntu, Debian |
hardy |
Ignored
(end of life)
|
lucid |
Ignored
(end of life)
|
|
natty |
Does not exist
|
|
oneiric |
Does not exist
|
|
precise |
Ignored
(end of life)
|
|
quantal |
Does not exist
|
|
raring |
Does not exist
|
|
saucy |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Needs triage
|
|
utopic |
Does not exist
|
|
vivid |
Does not exist
|
|
wily |
Does not exist
|
|
xenial |
Does not exist
|
|
yakkety |
Does not exist
|
|
zesty |
Does not exist
|
References
- http://www-01.ibm.com/support/docview.wss?uid=swg21600837
- http://www-01.ibm.com/support/docview.wss?uid=swg1IC84716
- http://www-01.ibm.com/support/docview.wss?uid=swg1IC84715
- http://www-01.ibm.com/support/docview.wss?uid=swg1IC84714
- http://www-01.ibm.com/support/docview.wss?uid=swg1IC84711
- http://www-01.ibm.com/support/docview.wss?uid=swg1IC84019
- https://www.cve.org/CVERecord?id=CVE-2012-2194
- NVD
- Launchpad
- Debian