CVE-2011-4061 — IBM DB2 vulnerability
3 documents3 sources
Severity
6.9MEDIUMNVD
EPSS
0.1%
top 67.19%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedOct 18
Latest updateMay 14
Description
Multiple untrusted search path vulnerabilities in (1) db2rspgn and (2) kbbacf1 in IBM DB2 Express Edition 9.7, as used in the IBM Tivoli Monitoring for Databases: DB2 Agent, allow local users to gain privileges via a Trojan horse libkbb.so in the current working directory, related to the DT_RPATH ELF header.
CVSS vector
AV:L/AC:M/C:C/I:C/A:CExploitability: 3.4 | Impact: 10.0