Vulnerability Description
Shared memory sections and events in IBM DB2 8.1 have default permissions of read and write for the Everyone group, which allows local users to gain unauthorized access, gain sensitive information, such as cleartext passwords, and cause a denial of service.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Db2 Universal Database | 7.1 |
| Microsoft | Windows | - |
Related Weaknesses (CWE)
References
- http://marc.info/?l=bugtraq&m=110495402231836&w=2Mailing List
- http://secunia.com/advisories/12733/Broken LinkVendor Advisory
- http://www-1.ibm.com/support/docview.wss?uid=swg21181228Broken Link
- http://www.nextgenss.com/advisories/db205012005F.txtNot Applicable
- http://www.securityfocus.com/bid/11402Broken LinkPatchThird Party Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17605Third Party AdvisoryVDB Entry
- http://marc.info/?l=bugtraq&m=110495402231836&w=2Mailing List
- http://secunia.com/advisories/12733/Broken LinkVendor Advisory
- http://www-1.ibm.com/support/docview.wss?uid=swg21181228Broken Link
- http://www.nextgenss.com/advisories/db205012005F.txtNot Applicable
- http://www.securityfocus.com/bid/11402Broken LinkPatchThird Party Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17605Third Party AdvisoryVDB Entry
FAQ
What is CVE-2005-4868?
CVE-2005-4868 is a vulnerability with a CVSS score of 7.1 (HIGH). Shared memory sections and events in IBM DB2 8.1 have default permissions of read and write for the Everyone group, which allows local users to gain unauthorized access, gain sensitive information, su...
How severe is CVE-2005-4868?
CVE-2005-4868 has been rated HIGH with a CVSS base score of 7.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-4868?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Db2 Universal Database, Microsoft Windows.