← Back

CVE-2014-4805

nvd nist
Published: Sep 4, 2014Modified: May 6, 2026

JSON object

Loading...
2.1
Vector
AV:L/AC:L/Au:N/C:P/I:N/A:N
Exploitability: 3.9 / Impact: 2.9
Source: NVD

Description

IBM DB2 10.5 before FP4 on Linux and AIX creates temporary files during CDE table LOAD operations, which allows local users to obtain sensitive information by reading a file while a LOAD is occurring.

Affected (5)

Products: Ibm: Db2
Ibm
1 product
Db2
Configuration A
5 vulnerable · 2 platform
Vulnerable SoftwareAffected Versions
Ibm
Db2
Version 10.5.0.1
Db2
Version 10.5.0.2
Db2
Version 10.5.0.3
Db2
Version 10.5.0.3 a
Db2
Version 10.5
Running on/withPlatform Versions
Ibm
Aix
All versions
Linux
Linux Kernel
All versions

Related CWEs

CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (8)

Source: psirt@us.ibm.com
PatchVendor Advisory
Source: psirt@us.ibm.com
Source: psirt@us.ibm.com
Source: psirt@us.ibm.com
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.