CVE-2005-4871

CVE-2005-4871 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

Certain XML functions in IBM DB2 8.1 run with the privileges of DB2 instead of the logged-in user, which allows remote attackers to create or overwrite files via (1) XMLFileFromVarchar or (2) XMLFileFromClob, or read files via (3) XMLVarcharFromFile or (4) XMLClobFromFile.

Learn more about our Cis Benchmark Audit For Ibm Db2.