Vulnerability in IBM DB2's Audit Facility could allow an escalation of privilege attack.
Affected product(s) and affected version(s):
The following IBM DB2 and DB2 Connect V9.1, V9.5, V9.7 and V10.1 editions running on AIX, Linux, HP and Solaris (this vulnerability is not applicable to DB2 on Windows.).
IBM® DB2® Express Edition
IBM® DB2® Workgroup Server Edition
IBM® DB2® Enterprise Server Edition
IBM® DB2® Advanced Enterprise Server Edition
IBM® DB2® Connect™ Application Server Edition
IBM® DB2® Connect™ Enterprise Edition
IBM® DB2® Connect™ Unlimited Edition for System i®
IBM® DB2® Connect™ Unlimited Edition for System z®
The following IBM V9.8 editions running on AIX and Linux:
IBM® DB2® pureScale™ Feature for Enterprise Server Edition
Refer to the following reference URLs for remediation and additional vulnerability details.
Source Bulletin: http://www-01.ibm.com/support/docview.wss?uid=swg21639355
X-Force Database: http://xforce.iss.net/xforce/xfdb/84358