Configuration
CVE-2008-2154
Summary
IBM DB2 8 before FP17, 9.1 before FP5, and 9.5 before FP2 provides an INSTALL_JAR (aka sqlj.install_jar) procedure, which allows remote authenticated users to create or overwrite arbitrary files via unspecified calls.
- MEDIUM
- NETWORK
- SINGLE
- PARTIAL
- PARTIAL
- PARTIAL
CWE-16 - Configuration
Weaknesses in this category are typically introduced during the configuration of the software.
References
Advisory Timeline
- Published