CVE-2016-5995

EUVD-2016-6929
Untrusted search path vulnerability in IBM DB2 9.7 through FP11, 10.1 through FP5, 10.5 before FP8, and 11.1 GA on Linux, AIX, and HP-UX allows local users to gain privileges via a Trojan horse library that is accessed by a setuid or setgid program.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.3 HIGH
LOCAL
LOW
LOW
CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 14%
Affected Products (NVD)
VendorProductVersion
ibmdb2
9.7
ibmdb2
9.7
ibmdb2
9.7
ibmdb2
9.7
ibmdb2
9.7
ibmdb2
9.7
ibmdb2
9.7.0.1
ibmdb2
9.7.0.1
ibmdb2
9.7.0.1
ibmdb2
9.7.0.1
ibmdb2
9.7.0.1
ibmdb2
9.7.0.1
ibmdb2
9.7.0.2
ibmdb2
9.7.0.2
ibmdb2
9.7.0.2
ibmdb2
9.7.0.2
ibmdb2
9.7.0.2
ibmdb2
9.7.0.2
ibmdb2
9.7.0.3
ibmdb2
9.7.0.3
ibmdb2
9.7.0.3
ibmdb2
9.7.0.3
ibmdb2
9.7.0.3
ibmdb2
9.7.0.3
ibmdb2
9.7.0.4
ibmdb2
9.7.0.4
ibmdb2
9.7.0.4
ibmdb2
9.7.0.4
ibmdb2
9.7.0.4
ibmdb2
9.7.0.4
ibmdb2
9.7.0.5
ibmdb2
9.7.0.5
ibmdb2
9.7.0.5
ibmdb2
9.7.0.5
ibmdb2
9.7.0.5
ibmdb2
9.7.0.5
ibmdb2
9.7.0.6
ibmdb2
9.7.0.6
ibmdb2
9.7.0.6
ibmdb2
9.7.0.6
ibmdb2
9.7.0.6
ibmdb2
9.7.0.6
ibmdb2
9.7.0.7
ibmdb2
9.7.0.7
ibmdb2
9.7.0.7
ibmdb2
9.7.0.7
ibmdb2
9.7.0.7
ibmdb2
9.7.0.7
ibmdb2
9.7.0.8
ibmdb2
9.7.0.8
ibmdb2
9.7.0.8
ibmdb2
9.7.0.8
ibmdb2
9.7.0.8
ibmdb2
9.7.0.8
ibmdb2
9.7.0.9
ibmdb2
9.7.0.9
ibmdb2
9.7.0.9
ibmdb2
9.7.0.9
ibmdb2
9.7.0.9
ibmdb2
9.7.0.9
ibmdb2
9.7.0.10
ibmdb2
9.7.0.10
ibmdb2
9.7.0.10
ibmdb2
9.7.0.10
ibmdb2
9.7.0.10
ibmdb2
9.7.0.10
ibmdb2
9.7.0.11
ibmdb2
9.7.0.11
ibmdb2
9.7.0.11
ibmdb2
9.7.0.11
ibmdb2
9.7.0.11
ibmdb2
9.7.0.11
ibmdb2
10.1
ibmdb2
10.1
ibmdb2
10.1
ibmdb2
10.1
ibmdb2
10.1
ibmdb2
10.1
ibmdb2
10.1.0.1
ibmdb2
10.1.0.1
ibmdb2
10.1.0.1
ibmdb2
10.1.0.1
ibmdb2
10.1.0.1
ibmdb2
10.1.0.1
ibmdb2
10.1.0.2
ibmdb2
10.1.0.2
ibmdb2
10.1.0.2
ibmdb2
10.1.0.2
ibmdb2
10.1.0.2
ibmdb2
10.1.0.2
ibmdb2
10.1.0.3
ibmdb2
10.1.0.3
ibmdb2
10.1.0.3
ibmdb2
10.1.0.3
ibmdb2
10.1.0.3
ibmdb2
10.1.0.3
ibmdb2
10.1.0.4
ibmdb2
10.1.0.4
ibmdb2
10.1.0.4
ibmdb2
10.1.0.4
ibmdb2
10.1.0.4
ibmdb2
10.1.0.4
ibmdb2
10.1.0.5
ibmdb2
10.1.0.5
ibmdb2
10.1.0.5
ibmdb2
10.1.0.5
ibmdb2
10.1.0.5
ibmdb2
10.1.0.5
ibmdb2
10.5
ibmdb2
10.5
ibmdb2
10.5
ibmdb2
10.5
ibmdb2
10.5
ibmdb2
10.5
ibmdb2
10.5.0.1
ibmdb2
10.5.0.1
ibmdb2
10.5.0.1
ibmdb2
10.5.0.1
ibmdb2
10.5.0.1
ibmdb2
10.5.0.1
ibmdb2
10.5.0.2
ibmdb2
10.5.0.2
ibmdb2
10.5.0.2
ibmdb2
10.5.0.2
ibmdb2
10.5.0.2
ibmdb2
10.5.0.2
ibmdb2
10.5.0.3
ibmdb2
10.5.0.3
ibmdb2
10.5.0.3
ibmdb2
10.5.0.3
ibmdb2
10.5.0.3
ibmdb2
10.5.0.3
ibmdb2
10.5.0.4
ibmdb2
10.5.0.4
ibmdb2
10.5.0.4
ibmdb2
10.5.0.4
ibmdb2
10.5.0.4
ibmdb2
10.5.0.4
ibmdb2
10.5.0.5
ibmdb2
10.5.0.5
ibmdb2
10.5.0.5
ibmdb2
10.5.0.5
ibmdb2
10.5.0.5
ibmdb2
10.5.0.5
ibmdb2
10.5.0.6
ibmdb2
10.5.0.6
ibmdb2
10.5.0.6
ibmdb2
10.5.0.6
ibmdb2
10.5.0.6
ibmdb2
10.5.0.6
ibmdb2
10.5.0.7
ibmdb2
10.5.0.7
ibmdb2
10.5.0.7
ibmdb2
10.5.0.7
ibmdb2
10.5.0.7
ibmdb2
10.5.0.7
ibmdb2
11.1.0.0
ibmdb2
11.1.0.0
ibmdb2
11.1.0.0
ibmdb2
11.1.0.0
ibmdb2
11.1.0.0
ibmdb2
11.1.0.0
ibmdb2_connect
9.7
ibmdb2_connect
9.7
ibmdb2_connect
9.7
ibmdb2_connect
9.7.0.1
ibmdb2_connect
9.7.0.1
ibmdb2_connect
9.7.0.1
ibmdb2_connect
9.7.0.2
ibmdb2_connect
9.7.0.2
ibmdb2_connect
9.7.0.2
ibmdb2_connect
9.7.0.3
ibmdb2_connect
9.7.0.3
ibmdb2_connect
9.7.0.3
ibmdb2_connect
9.7.0.4
ibmdb2_connect
9.7.0.4
ibmdb2_connect
9.7.0.4
ibmdb2_connect
9.7.0.5
ibmdb2_connect
9.7.0.5
ibmdb2_connect
9.7.0.5
ibmdb2_connect
9.7.0.6
ibmdb2_connect
9.7.0.6
ibmdb2_connect
9.7.0.6
ibmdb2_connect
9.7.0.7
ibmdb2_connect
9.7.0.7
ibmdb2_connect
9.7.0.7
ibmdb2_connect
9.7.0.8
ibmdb2_connect
9.7.0.8
ibmdb2_connect
9.7.0.8
ibmdb2_connect
9.7.0.9
ibmdb2_connect
9.7.0.9
ibmdb2_connect
9.7.0.9
ibmdb2_connect
9.7.0.10
ibmdb2_connect
9.7.0.10
ibmdb2_connect
9.7.0.10
ibmdb2_connect
9.7.0.11
ibmdb2_connect
9.7.0.11
ibmdb2_connect
9.7.0.11
ibmdb2_connect
10.1
ibmdb2_connect
10.1
ibmdb2_connect
10.1
ibmdb2_connect
10.1.0.1
ibmdb2_connect
10.1.0.1
ibmdb2_connect
10.1.0.1
ibmdb2_connect
10.1.0.2
ibmdb2_connect
10.1.0.2
ibmdb2_connect
10.1.0.2
ibmdb2_connect
10.1.0.3
ibmdb2_connect
10.1.0.3
ibmdb2_connect
10.1.0.3
ibmdb2_connect
10.1.0.4
ibmdb2_connect
10.1.0.4
ibmdb2_connect
10.1.0.4
ibmdb2_connect
10.1.0.5
ibmdb2_connect
10.1.0.5
ibmdb2_connect
10.1.0.5
ibmdb2_connect
10.5
ibmdb2_connect
10.5
ibmdb2_connect
10.5
ibmdb2_connect
10.5.0.1
ibmdb2_connect
10.5.0.1
ibmdb2_connect
10.5.0.1
ibmdb2_connect
10.5.0.2
ibmdb2_connect
10.5.0.2
ibmdb2_connect
10.5.0.2
ibmdb2_connect
10.5.0.3
ibmdb2_connect
10.5.0.3
ibmdb2_connect
10.5.0.3
ibmdb2_connect
10.5.0.4
ibmdb2_connect
10.5.0.4
ibmdb2_connect
10.5.0.4
ibmdb2_connect
10.5.0.5
ibmdb2_connect
10.5.0.5
ibmdb2_connect
10.5.0.5
ibmdb2_connect
10.5.0.6
ibmdb2_connect
10.5.0.6
ibmdb2_connect
10.5.0.6
ibmdb2_connect
10.5.0.7
ibmdb2_connect
10.5.0.7
ibmdb2_connect
10.5.0.7
ibmdb2_connect
11.1.0.0
ibmdb2_connect
11.1.0.0
ibmdb2_connect
11.1.0.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www-01.ibm.com/support/docview.wss?uid=swg1IT16921
http://www-01.ibm.com/support/docview.wss?uid=swg1IT17010
http://www-01.ibm.com/support/docview.wss?uid=swg1IT17011
http://www-01.ibm.com/support/docview.wss?uid=swg1IT17012
http://www-01.ibm.com/support/docview.wss?uid=swg21990061
http://www.securityfocus.com/bid/93012
http://www.securitytracker.com/id/1036837
http://www-01.ibm.com/support/docview.wss?uid=swg1IT16921
http://www-01.ibm.com/support/docview.wss?uid=swg1IT17010
http://www-01.ibm.com/support/docview.wss?uid=swg1IT17011
http://www-01.ibm.com/support/docview.wss?uid=swg1IT17012
http://www-01.ibm.com/support/docview.wss?uid=swg21990061
http://www.securityfocus.com/bid/93012
http://www.securitytracker.com/id/1036837