VYPR
Unrated severityNVD Advisory· Published Feb 21, 2007· Updated Jun 16, 2026

CVE-2007-1027

CVE-2007-1027

Description

Certain setuid DB2 binaries in IBM DB2 before 9 Fix Pack 2 for Linux and Unix allow local users to overwrite arbitrary files via a symlink attack on the DB2DIAG.LOG temporary file.

Affected products

3
  • IBM/Db23 versions
    cpe:2.3:a:ibm:db2:9.0:*:linux:*:*:*:*:*+ 2 more
    • cpe:2.3:a:ibm:db2:9.0:*:linux:*:*:*:*:*
    • cpe:2.3:a:ibm:db2:9.0:*:unix:*:*:*:*:*
    • (no CPE)range: before 9 Fix Pack 2

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.