Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2003-1052 — IBM DB2 vulnerability

5 documents4 sources

Severity

7.2HIGHNVD

EPSS

0.4%

top 40.96%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Timeline

PublishedSep 28

Latest updateApr 29

Description

IBM DB2 7.1 and 8.1 allow the bin user to gain root privileges by modifying the shared libraries that are used in setuid root programs.

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

▶NVDibm/db29.0

GHSA

GHSA-hvc8-756p-3cpj: IBM DB2 7↗2022-04-29

▶

CVEList

CVE-2003-1052: IBM DB2 7↗2004-08-20

▶

Exploit-DB

IBM DB2 - Shared Library Injection↗2003-08-05

▶

Exploit-DB

Microsoft IIS 5.0 - WebDAV Remote Code Execution (3) (xwdav)↗2003-07-08

▶