CVE-2005-4738

IBM DB2 Universal Database (UDB) 810 before ESE AIX 5765F4100 does not ensure that a user has execute privileges before permitting object creation based on routines, which allows remote authenticated users to gain privileges.

Published: Dec 31, 2005
Updated: Apr 13, 2023
CVE: CVE-2005-4738
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 6.5
AV:N/AC:L/Au:S/C:P/I:P/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
ibm / db2_universal_database	8.1.4	8.1.4.x
ibm / db2_universal_database	8.1.6	8.1.6.x
ibm / db2_universal_database	8.1	8.1.x
ibm / db2_universal_database	8.1.8a	8.1.8a.x
ibm / db2_universal_database	8.1.6c	8.1.6c.x
ibm / db2_universal_database	8.1.8	8.1.8.x
ibm / db2_universal_database	8.1.7b	8.1.7b.x
ibm / db2_universal_database	8.0	8.0.x
ibm / db2_universal_database	8.1.5	8.1.5.x
ibm / db2_universal_database	8.1.7	8.1.7.x
ibm / db2_universal_database	8.1.9a	8.1.9a.x
ibm / db2_universal_database	8.1.9	8.1.9.x

http://secunia.com/advisories/17031
http://www-1.ibm.com/support/docview.wss?uid=swg1IY71865
http://www.securityfocus.com/bid/15126

Vulnerability Database

289,697

CVE-2005-4738