CVE-2010-3194
First published: Tue Aug 31 2010(Updated: )
The DB2DART program in IBM DB2 9.1 before FP9, 9.5 before FP6, and 9.7 before FP2 allows attackers to bypass intended file access restrictions via unspecified vectors related to overwriting files owned by an instance owner.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM DB2 Universal Database | =9.1-fp4 | |
| IBM DB2 Universal Database | =9.1-fp6a | |
| IBM DB2 Universal Database | =9.1-fp1 | |
| IBM DB2 Universal Database | =9.1 | |
| IBM DB2 Universal Database | =9.1-fp5 | |
| IBM DB2 Universal Database | =9.1-fp3 | |
| IBM DB2 Universal Database | =9.1-fp7a | |
| IBM DB2 Universal Database | =9.1-fp3a | |
| IBM DB2 Universal Database | =9.1-fp2a | |
| IBM DB2 Universal Database | =9.1-fp6 | |
| IBM DB2 Universal Database | =9.1-fp8 | |
| IBM DB2 Universal Database | =9.1-fp2 | |
| IBM DB2 Universal Database | =9.1-fp4a | |
| IBM DB2 Universal Database | =9.1-fp7 | |
| IBM DB2 Universal Database | =9.5 | |
| IBM DB2 Universal Database | =9.5-fp4 | |
| IBM DB2 Universal Database | =9.5-fp5 | |
| IBM DB2 Universal Database | =9.5-fp4a | |
| IBM DB2 Universal Database | =9.5-fp1 | |
| IBM DB2 Universal Database | =9.5-fp2a | |
| IBM DB2 Universal Database | =9.7-fp1 | |
| IBM DB2 Universal Database | =9.5-fp3b | |
| IBM DB2 Universal Database | =9.5-fp2 | |
| IBM DB2 Universal Database | =9.7 | |
| IBM DB2 Universal Database | =9.5-fp3 | |
| IBM DB2 Universal Database | =9.5-fp3a |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www-01.ibm.com/support/docview.wss?uid=swg21426108
- http://www-01.ibm.com/support/docview.wss?uid=swg1IC65762
- http://secunia.com/advisories/41218
- http://www-01.ibm.com/support/docview.wss?uid=swg1IC65756
- http://www-01.ibm.com/support/docview.wss?uid=swg21432298
- http://www-01.ibm.com/support/docview.wss?uid=swg1IC65749
- http://www.vupen.com/english/advisories/2010/2225
- https://exchange.xforce.ibmcloud.com/vulnerabilities/61445
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13841
Frequently Asked Questions
What is the severity of CVE-2010-3194?
CVE-2010-3194 is classified as a medium severity vulnerability.
How do I fix CVE-2010-3194?
To fix CVE-2010-3194, upgrade IBM DB2 to version 9.1 FP9, 9.5 FP6, or 9.7 FP2 or later.
What software is affected by CVE-2010-3194?
CVE-2010-3194 affects IBM DB2 versions 9.1 (before FP9), 9.5 (before FP6), and 9.7 (before FP2).
What type of vulnerability is CVE-2010-3194?
CVE-2010-3194 is a file access restriction bypass vulnerability.
Can CVE-2010-3194 be exploited remotely?
CVE-2010-3194 can potentially be exploited remotely if proper access controls are not in place.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/weakness
- agent/severity
- agent/author
- agent/references
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/ibm
- canonical/ibm db2 universal database
- version/ibm db2 universal database/9.1-fp4
- version/ibm db2 universal database/9.1-fp6a
- version/ibm db2 universal database/9.1-fp1
- version/ibm db2 universal database/9.1
- version/ibm db2 universal database/9.1-fp5
- version/ibm db2 universal database/9.1-fp3
- version/ibm db2 universal database/9.1-fp7a
- version/ibm db2 universal database/9.1-fp3a
- version/ibm db2 universal database/9.1-fp2a
- version/ibm db2 universal database/9.1-fp6
- version/ibm db2 universal database/9.1-fp8
- version/ibm db2 universal database/9.1-fp2
- version/ibm db2 universal database/9.1-fp4a
- version/ibm db2 universal database/9.1-fp7
- version/ibm db2 universal database/9.5
- version/ibm db2 universal database/9.5-fp4
- version/ibm db2 universal database/9.5-fp5
- version/ibm db2 universal database/9.5-fp4a
- version/ibm db2 universal database/9.5-fp1
- version/ibm db2 universal database/9.5-fp2a
- version/ibm db2 universal database/9.7-fp1
- version/ibm db2 universal database/9.5-fp3b
- version/ibm db2 universal database/9.5-fp2
- version/ibm db2 universal database/9.7
- version/ibm db2 universal database/9.5-fp3
- version/ibm db2 universal database/9.5-fp3a