Unrated severityNVD Advisory· Published Nov 17, 2003· Updated Apr 16, 2026

CVE-2003-0898

Description

IBM DB2 7.2 before FixPak 10a, and earlier versions including 7.1, allows local users to overwrite arbitrary files and gain privileges via a symlink attack on (1) db2job and (2) db2job2.

Affected products

IBM/Db2 Universal Database2 versions
cpe:2.3:a:ibm:db2_universal_database:7.1:*:linux:*:*:*:*:*+ 1 more
- cpe:2.3:a:ibm:db2_universal_database:7.1:*:linux:*:*:*:*:*
- cpe:2.3:a:ibm:db2_universal_database:*:*:linux:*:*:*:*:*range: <=8.0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

ftp.software.ibm.com/ps/products/db2/fixes/english-us/db2aixv7/FP10a_U495172/FixpakReadme.txtnvd
marc.infonvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.002
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000