Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2014-0907
Modified
More InfoOfficial Page
Source-psirt@us.ibm.com
View Known Exploited Vulnerability (KEV) details
Published At-30 May, 2014 | 23:55
Updated At-06 May, 2026 | 22:30

Multiple untrusted search path vulnerabilities in unspecified (1) setuid and (2) setgid programs in IBM DB2 9.5, 9.7 before FP9a, 9.8, 10.1 before FP3a, and 10.5 before FP3a on Linux and UNIX allow local users to gain root privileges via a Trojan horse library.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.07.2HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C
Type: Primary
Version: 2.0
Base score: 7.2
Base severity: HIGH
Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C
CPE Matches

IBM Corporation
ibm
>>db2>>9.5
cpe:2.3:a:ibm:db2:9.5:*:*:*:*:*:*:*
IBM Corporation
ibm
>>db2>>9.7
cpe:2.3:a:ibm:db2:9.7:*:*:*:*:*:*:*
IBM Corporation
ibm
>>db2>>9.7.0.1
cpe:2.3:a:ibm:db2:9.7.0.1:*:*:*:*:*:*:*
IBM Corporation
ibm
>>db2>>9.7.0.2
cpe:2.3:a:ibm:db2:9.7.0.2:*:*:*:*:*:*:*
IBM Corporation
ibm
>>db2>>9.7.0.3
cpe:2.3:a:ibm:db2:9.7.0.3:*:*:*:*:*:*:*
IBM Corporation
ibm
>>db2>>9.7.0.4
cpe:2.3:a:ibm:db2:9.7.0.4:*:*:*:*:*:*:*
IBM Corporation
ibm
>>db2>>9.7.0.5
cpe:2.3:a:ibm:db2:9.7.0.5:*:*:*:*:*:*:*
IBM Corporation
ibm
>>db2>>9.7.0.6
cpe:2.3:a:ibm:db2:9.7.0.6:*:*:*:*:*:*:*
IBM Corporation
ibm
>>db2>>9.7.0.7
cpe:2.3:a:ibm:db2:9.7.0.7:*:*:*:*:*:*:*
IBM Corporation
ibm
>>db2>>9.7.0.8
cpe:2.3:a:ibm:db2:9.7.0.8:*:*:*:*:*:*:*
IBM Corporation
ibm
>>db2>>9.7.0.9
cpe:2.3:a:ibm:db2:9.7.0.9:*:*:*:*:*:*:*
IBM Corporation
ibm
>>db2>>10.1
cpe:2.3:a:ibm:db2:10.1:*:*:*:*:*:*:*
IBM Corporation
ibm
>>db2>>10.1.0.1
cpe:2.3:a:ibm:db2:10.1.0.1:*:*:*:*:*:*:*
IBM Corporation
ibm
>>db2>>10.1.0.2
cpe:2.3:a:ibm:db2:10.1.0.2:*:*:*:*:*:*:*
IBM Corporation
ibm
>>db2>>10.1.0.3
cpe:2.3:a:ibm:db2:10.1.0.3:*:*:*:*:*:*:*
IBM Corporation
ibm
>>db2>>10.5
cpe:2.3:a:ibm:db2:10.5:*:*:*:*:*:*:*
IBM Corporation
ibm
>>db2>>10.5.0.1
cpe:2.3:a:ibm:db2:10.5.0.1:*:*:*:*:*:*:*
IBM Corporation
ibm
>>db2>>10.5.0.2
cpe:2.3:a:ibm:db2:10.5.0.2:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-OtherPrimarynvd@nist.gov
CWE ID: NVD-CWE-Other
Type: Primary
Source: nvd@nist.gov
Evaluator Description

Per http://cwe.mitre.org/data/definitions/426.html "CWE-426: Untrusted Search Path"
Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
http://packetstormsecurity.com/files/126940/IBM-DB2-Privilege-Escalation.htmlpsirt@us.ibm.com
N/A
http://seclists.org/fulldisclosure/2014/Jun/7psirt@us.ibm.com
N/A
http://secunia.com/advisories/59451psirt@us.ibm.com
N/A
http://secunia.com/advisories/59463psirt@us.ibm.com
N/A
http://secunia.com/advisories/60482psirt@us.ibm.com
N/A
http://www-01.ibm.com/support/docview.wss?uid=isg400001841psirt@us.ibm.com
N/A
http://www-01.ibm.com/support/docview.wss?uid=isg400001843psirt@us.ibm.com
N/A
http://www-01.ibm.com/support/docview.wss?uid=swg1IT00627psirt@us.ibm.com
N/A
http://www-01.ibm.com/support/docview.wss?uid=swg1IT00684psirt@us.ibm.com
N/A
http://www-01.ibm.com/support/docview.wss?uid=swg1IT00685psirt@us.ibm.com
N/A
http://www-01.ibm.com/support/docview.wss?uid=swg1IT00686psirt@us.ibm.com
N/A
http://www-01.ibm.com/support/docview.wss?uid=swg1IT00687psirt@us.ibm.com
N/A
http://www-01.ibm.com/support/docview.wss?uid=swg21680454psirt@us.ibm.com
N/A
http://www-304.ibm.com/support/docview.wss?uid=swg21676135psirt@us.ibm.com
N/A
http://www.ibm.com/support/docview.wss?uid=swg1IT00686psirt@us.ibm.com
N/A
http://www.ibm.com/support/docview.wss?uid=swg21610582#4psirt@us.ibm.com
Vendor Advisory
http://www.ibm.com/support/docview.wss?uid=swg21672100psirt@us.ibm.com
Vendor Advisory
http://www.securityfocus.com/bid/67617psirt@us.ibm.com
N/A
http://www.securitytracker.com/id/1030670psirt@us.ibm.com
N/A
http://www.securitytracker.com/id/1030671psirt@us.ibm.com
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/91869psirt@us.ibm.com
N/A
https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-0907/psirt@us.ibm.com
N/A
http://packetstormsecurity.com/files/126940/IBM-DB2-Privilege-Escalation.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://seclists.org/fulldisclosure/2014/Jun/7af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/59451af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/59463af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/60482af854a3a-2127-422b-91ae-364da2661108
N/A
http://www-01.ibm.com/support/docview.wss?uid=isg400001841af854a3a-2127-422b-91ae-364da2661108
N/A
http://www-01.ibm.com/support/docview.wss?uid=isg400001843af854a3a-2127-422b-91ae-364da2661108
N/A
http://www-01.ibm.com/support/docview.wss?uid=swg1IT00627af854a3a-2127-422b-91ae-364da2661108
N/A
http://www-01.ibm.com/support/docview.wss?uid=swg1IT00684af854a3a-2127-422b-91ae-364da2661108
N/A
http://www-01.ibm.com/support/docview.wss?uid=swg1IT00685af854a3a-2127-422b-91ae-364da2661108
N/A
http://www-01.ibm.com/support/docview.wss?uid=swg1IT00686af854a3a-2127-422b-91ae-364da2661108
N/A
http://www-01.ibm.com/support/docview.wss?uid=swg1IT00687af854a3a-2127-422b-91ae-364da2661108
N/A
http://www-01.ibm.com/support/docview.wss?uid=swg21680454af854a3a-2127-422b-91ae-364da2661108
N/A
http://www-304.ibm.com/support/docview.wss?uid=swg21676135af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.ibm.com/support/docview.wss?uid=swg1IT00686af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.ibm.com/support/docview.wss?uid=swg21610582#4af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.ibm.com/support/docview.wss?uid=swg21672100af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.securityfocus.com/bid/67617af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securitytracker.com/id/1030670af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securitytracker.com/id/1030671af854a3a-2127-422b-91ae-364da2661108
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/91869af854a3a-2127-422b-91ae-364da2661108
N/A
https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-0907/af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: http://packetstormsecurity.com/files/126940/IBM-DB2-Privilege-Escalation.html
Source: psirt@us.ibm.com
Resource: N/A
Hyperlink: http://seclists.org/fulldisclosure/2014/Jun/7
Source: psirt@us.ibm.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/59451
Source: psirt@us.ibm.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/59463
Source: psirt@us.ibm.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/60482
Source: psirt@us.ibm.com
Resource: N/A
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=isg400001841
Source: psirt@us.ibm.com
Resource: N/A
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=isg400001843
Source: psirt@us.ibm.com
Resource: N/A
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg1IT00627
Source: psirt@us.ibm.com
Resource: N/A
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg1IT00684
Source: psirt@us.ibm.com
Resource: N/A
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg1IT00685
Source: psirt@us.ibm.com
Resource: N/A
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg1IT00686
Source: psirt@us.ibm.com
Resource: N/A
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg1IT00687
Source: psirt@us.ibm.com
Resource: N/A
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg21680454
Source: psirt@us.ibm.com
Resource: N/A
Hyperlink: http://www-304.ibm.com/support/docview.wss?uid=swg21676135
Source: psirt@us.ibm.com
Resource: N/A
Hyperlink: http://www.ibm.com/support/docview.wss?uid=swg1IT00686
Source: psirt@us.ibm.com
Resource: N/A
Hyperlink: http://www.ibm.com/support/docview.wss?uid=swg21610582#4
Source: psirt@us.ibm.com
Resource:
Vendor Advisory
Hyperlink: http://www.ibm.com/support/docview.wss?uid=swg21672100
Source: psirt@us.ibm.com
Resource:
Vendor Advisory
Hyperlink: http://www.securityfocus.com/bid/67617
Source: psirt@us.ibm.com
Resource: N/A
Hyperlink: http://www.securitytracker.com/id/1030670
Source: psirt@us.ibm.com
Resource: N/A
Hyperlink: http://www.securitytracker.com/id/1030671
Source: psirt@us.ibm.com
Resource: N/A
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/91869
Source: psirt@us.ibm.com
Resource: N/A
Hyperlink: https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-0907/
Source: psirt@us.ibm.com
Resource: N/A
Hyperlink: http://packetstormsecurity.com/files/126940/IBM-DB2-Privilege-Escalation.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://seclists.org/fulldisclosure/2014/Jun/7
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/59451
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/59463
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/60482
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=isg400001841
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=isg400001843
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg1IT00627
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg1IT00684
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg1IT00685
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg1IT00686
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg1IT00687
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg21680454
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www-304.ibm.com/support/docview.wss?uid=swg21676135
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.ibm.com/support/docview.wss?uid=swg1IT00686
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.ibm.com/support/docview.wss?uid=swg21610582#4
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://www.ibm.com/support/docview.wss?uid=swg21672100
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://www.securityfocus.com/bid/67617
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securitytracker.com/id/1030670
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securitytracker.com/id/1030671
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/91869
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-0907/
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Change History
0Changes found

Details not found