CVE-2016-5995

Common vulnerabilities & exposures (CVE)

CVE database CVE database blogpost Release & EoL database

Published at: - 01-10-2016 03:59

Last modified: - 23-01-2023 07:44

Total changes: - 9

Description

Untrusted search path vulnerability in IBM DB2 9.7 through FP11, 10.1 through FP5, 10.5 before FP8, and 11.1 GA on Linux, AIX, and HP-UX allows local users to gain privileges via a Trojan horse library that is accessed by a setuid or setgid program.

Common Vulnerability Scoring System (CVSS)

CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Low

Attack complexity

Local

Attack vector

High

Availability

High

Confidentiality

High

Integrity

Low

Privileges required

Unchanged

Scope

Required

User interaction

7.3

Base score

1.3

5.9

Exploitability score

Impact score

Verification logic

Reference

http://www-01.ibm.com/support/docview.wss?uid=swg21990061
IT16921-Vendor Advisory
IT17012-Permissions Required
IT17010-Permissions Required
IT17011-Permissions Required
93012-
1036837-

Keywords

CVE-2016-5995

Common vulnerabilities & exposures (CVE)

Description

Common Vulnerability Scoring System (CVSS)

Verification logic

Reference

NVD

CVE-2016-5995

CVE

Common vulnerabilities & exposures

CVSS

Common vulnerability scoring system

Security

Vulnerabilities

Exposures