ubuntu · CVE-2012-3324

Quick triage

Priority: high Published: 2012-09-25 20:55:00 UTC Updated: 2024-07-24 15:57:39 UTC

View at Official ubuntu advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2012-3324 high priority: Ubuntu including 3 source packages (db2, db2exc, db2exc-amd64), 18 status rows across 6 suites (hardy, lucid, natty, oneiric, precise, upstream): DNE 9, not-affected 9.

Description:

Directory traversal vulnerability in the UTL_FILE module in IBM DB2 and DB2 Connect 10.1 before FP1 on Windows allows remote authenticated users to modify, delete, or read arbitrary files via a pathname in the file field.

cvelogic Threat Intelligence