CVE-2007-6047
Severity Score
10.0
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Unspecified vulnerability in the DB2DART tool in IBM DB2 UDB 9.1 before Fixpak 4 allows attackers to execute arbitrary commands as the DB2 instance owner, related to invocation of TPUT by DB2DART.
Vulnerabilidad no especificada en la herramienta DB2DART en IBM DB2 UDB 9.1 anterior a Fixpak 4 permite a atacantes ejecutar comandos de su elección como la instancia propietario DB2, relacionado con la invocación de TPUT por DB2DART.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2007-11-20 CVE Reserved
- 2007-11-20 CVE Published
- 2024-08-07 CVE Updated
- 2024-09-23 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-264: Permissions, Privileges, and Access Controls
CAPEC
References (5)
| URL | Tag | Source |
|---|---|---|
| http://www-1.ibm.com/support/docview.wss?uid=swg21255607 | X_refsource_confirm | |
| http://www.vupen.com/english/advisories/2007/3867 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://secunia.com/advisories/27667 | 2011-03-08 | |
| http://www.securityfocus.com/bid/26450 | 2011-03-08 |
| URL | Date | SRC |
|---|---|---|
| http://www-1.ibm.com/support/docview.wss?uid=swg1IZ03646 | 2011-03-08 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Ibm Search vendor "Ibm" | Db2 Universal Database Search vendor "Ibm" for product "Db2 Universal Database" | <= 9.1 Search vendor "Ibm" for product "Db2 Universal Database" and version " <= 9.1" | fp3a |
Affected
| in | Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | * | - |
Safe
|
| Ibm Search vendor "Ibm" | Db2 Universal Database Search vendor "Ibm" for product "Db2 Universal Database" | <= 9.1 Search vendor "Ibm" for product "Db2 Universal Database" and version " <= 9.1" | fp3a |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | * | - |
Safe
|
| Ibm Search vendor "Ibm" | Db2 Universal Database Search vendor "Ibm" for product "Db2 Universal Database" | <= 9.1 Search vendor "Ibm" for product "Db2 Universal Database" and version " <= 9.1" | fp3a |
Affected
| in | Unix Search vendor "Unix" | Unix Search vendor "Unix" for product "Unix" | * | - |
Safe
|