CVE-2014-4805
IBM DB2 10.5 - Exposure of Sensitive Information via Temporary Files in CDE Table LOAD Operations
Title source: llmDescription
IBM DB2 10.5 before FP4 on Linux and AIX creates temporary files during CDE table LOAD operations, which allows local users to obtain sensitive information by reading a file while a LOAD is occurring.
References (4)
Core 4
Core References
Patch, Vendor Advisory vendor-advisory
x_refsource_aixapar
http://www-01.ibm.com/support/docview.wss?uid=swg1IT03761
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/95307
Various Sources x_refsource_confirm
http://www-01.ibm.com/support/docview.wss?uid=swg21681723
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1030806
Scores
EPSS
0.0038
EPSS Percentile
30.2%
Details
CWE
CWE-200
Status
published
Products (4)
ibm/db2
10.5
ibm/db2
10.5.0.1
ibm/db2
10.5.0.2
ibm/db2
10.5.0.3 (2 CPE variants)
Published
Sep 04, 2014
Tracked Since
Feb 18, 2026