CVE-2010-3194 | Vulnerability Database | Aqua Security

The DB2DART program in IBM DB2 9.1 before FP9, 9.5 before FP6, and 9.7 before FP2 allows attackers to bypass intended file access restrictions via unspecified vectors related to overwriting files owned by an instance owner.

Affected Software

Name	Vendor	Start Version	End Version
Db2	Ibm	9.1 (including)	9.1 (including)
Db2	Ibm	9.1-fp1 (including)	9.1-fp1 (including)
Db2	Ibm	9.1-fp2 (including)	9.1-fp2 (including)
Db2	Ibm	9.1-fp2a (including)	9.1-fp2a (including)
Db2	Ibm	9.1-fp3 (including)	9.1-fp3 (including)
Db2	Ibm	9.1-fp3a (including)	9.1-fp3a (including)
Db2	Ibm	9.1-fp4 (including)	9.1-fp4 (including)
Db2	Ibm	9.1-fp4a (including)	9.1-fp4a (including)
Db2	Ibm	9.1-fp5 (including)	9.1-fp5 (including)
Db2	Ibm	9.1-fp6 (including)	9.1-fp6 (including)
Db2	Ibm	9.1-fp6a (including)	9.1-fp6a (including)
Db2	Ibm	9.1-fp7 (including)	9.1-fp7 (including)
Db2	Ibm	9.1-fp7a (including)	9.1-fp7a (including)
Db2	Ibm	9.1-fp8 (including)	9.1-fp8 (including)

References

ftp://public.dhe.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT
http://secunia.com/advisories/41218
http://www-01.ibm.com/support/docview.wss?uid=swg1IC65749
http://www-01.ibm.com/support/docview.wss?uid=swg1IC65756
http://www-01.ibm.com/support/docview.wss?uid=swg1IC65762
http://www-01.ibm.com/support/docview.wss?uid=swg21426108
http://www-01.ibm.com/support/docview.wss?uid=swg21432298
http://www.vupen.com/english/advisories/2010/2225
https://exchange.xforce.ibmcloud.com/vulnerabilities/61445
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13841

NVD	https://nvd.nist.gov/vuln/detail/CVE-2010-3194
CWE	https://cwe.mitre.org/data/definitions/264.html