cve-2012-2196
Vulnerability from cvelistv5
Published
2012-07-25 10:00
Modified
2024-08-06 19:26
Severity ?
EPSS score ?
Summary
IBM DB2 9.1 before FP12, 9.5 through FP9, 9.7 through FP6, 9.8 through FP5, and 10.1 allows remote attackers to read arbitrary XML files via the (1) GET_WRAP_CFG_C or (2) GET_WRAP_CFG_C2 stored procedure.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:26:08.982Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "IC84712",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC84712"
},
{
"name": "IC84751",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC84751"
},
{
"name": "49919",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49919"
},
{
"name": "54487",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/54487"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21600837"
},
{
"name": "IC84614",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC84614"
},
{
"name": "IC84750",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC84750"
},
{
"name": "IC84748",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC84748"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-07-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM DB2 9.1 before FP12, 9.5 through FP9, 9.7 through FP6, 9.8 through FP5, and 10.1 allows remote attackers to read arbitrary XML files via the (1) GET_WRAP_CFG_C or (2) GET_WRAP_CFG_C2 stored procedure."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-21T17:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "IC84712",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC84712"
},
{
"name": "IC84751",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC84751"
},
{
"name": "49919",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49919"
},
{
"name": "54487",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/54487"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21600837"
},
{
"name": "IC84614",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC84614"
},
{
"name": "IC84750",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC84750"
},
{
"name": "IC84748",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC84748"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2012-2196",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM DB2 9.1 before FP12, 9.5 through FP9, 9.7 through FP6, 9.8 through FP5, and 10.1 allows remote attackers to read arbitrary XML files via the (1) GET_WRAP_CFG_C or (2) GET_WRAP_CFG_C2 stored procedure."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "IC84712",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC84712"
},
{
"name": "IC84751",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC84751"
},
{
"name": "49919",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49919"
},
{
"name": "54487",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/54487"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21600837",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21600837"
},
{
"name": "IC84614",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC84614"
},
{
"name": "IC84750",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC84750"
},
{
"name": "IC84748",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC84748"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2012-2196",
"datePublished": "2012-07-25T10:00:00",
"dateReserved": "2012-04-04T00:00:00",
"dateUpdated": "2024-08-06T19:26:08.982Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2012-2196\",\"sourceIdentifier\":\"psirt@us.ibm.com\",\"published\":\"2012-07-25T10:42:34.757\",\"lastModified\":\"2024-11-21T01:38:41.233\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"IBM DB2 9.1 before FP12, 9.5 through FP9, 9.7 through FP6, 9.8 through FP5, and 10.1 allows remote attackers to read arbitrary XML files via the (1) GET_WRAP_CFG_C or (2) GET_WRAP_CFG_C2 stored procedure.\"},{\"lang\":\"es\",\"value\":\"IBM DB2 v9.1 antes de FP12, v9.5 hasta el FP9, v9.7 hasta el FP6, v9.8 hasta el FP5 y v10.1 permite a atacantes remotos leer archivos XML de su elecci\u00f3n a trav\u00e9s de los procedimientos almacenados (1) GET_WRAP_CFG_C o (2) GET_WRAP_CFG_C2.\\r\\n\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:N/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-200\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7B28091A-8772-41DC-9D91-D5359CDDA7A9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.1.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"04A3E057-5DD6-494F-9195-BB57BA107877\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.1.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0B2D2913-079E-41D5-975D-DB62309ED9BE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.1.0.2:a:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A7D0F90-0DEB-49BD-B753-BB832B0554CA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.1.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EAC88935-B62C-4510-8246-2E0E9D63DF57\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.1.0.3:a:*:*:*:*:*:*\",\"matchCriteriaId\":\"A687DD0E-0212-4F2F-AF24-8DCB3AF60C3E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.1.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D2FAF674-6583-4BA1-BE1F-6CF14D129036\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.1.0.4:a:*:*:*:*:*:*\",\"matchCriteriaId\":\"FC4C04EA-8A95-423E-9EDC-1F29B42C8065\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.1.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E1D21588-6838-48A3-86E5-1ADFE71951E5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.1.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CB96916D-C245-4CEA-B435-FAF4454E3251\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.1.0.6:a:*:*:*:*:*:*\",\"matchCriteriaId\":\"C6814580-113F-498D-AC07-425C970059DF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.1.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"51CE1063-6DAF-484D-A0B2-6F4D6F18B39B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.1.0.7:a:*:*:*:*:*:*\",\"matchCriteriaId\":\"15E1897A-FEC0-47CB-AC32-0787A8B236B8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.1.0.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"87956B68-68C7-4CEB-AA74-454F1DC26DBE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.1.0.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"252B1BCD-D326-4425-A923-B05BB32D08BB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.1.0.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8E8D741D-4F55-4BE4-ADA6-ADDAC02E5A1E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.1.0.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8336EA8D-BD3C-4B25-80C1-A85F64328039\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"11ABF7CC-2FA5-4F2D-901A-2D0EF5B8E717\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.5.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"95D26FF3-1D40-49D6-A5BB-284FE1B89288\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.5.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C7A2E9C9-8EB4-4127-8278-E976D4D3B7C2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.5.0.2:a:*:*:*:*:*:*\",\"matchCriteriaId\":\"DC1ED577-3F11-415F-90C8-62B9EC21CA08\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.5.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9E054B24-704E-4C05-8E58-3FE0A04D84EC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.5.0.3:a:*:*:*:*:*:*\",\"matchCriteriaId\":\"4C72E084-0266-4389-B8BB-202292D47DB4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.5.0.3:b:*:*:*:*:*:*\",\"matchCriteriaId\":\"008B98FD-1DE2-4323-B20E-7BD422EB6771\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.5.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E12C4D6E-7AF9-44F9-9389-F9CA7409C41F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.5.0.4:a:*:*:*:*:*:*\",\"matchCriteriaId\":\"8A1C889C-885B-4DB3-A5F4-89A0B1DE0F47\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.5.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C13BB7FD-718B-499E-87C7-637D2A2E3D5E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.5.0.6:a:*:*:*:*:*:*\",\"matchCriteriaId\":\"267FE109-013A-482E-8078-161FA0991973\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.5.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C2F30C1B-0799-49A2-BAA5-26A6030B7682\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.5.0.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8C4E4D16-3C35-42BD-A131-AF0DFC2D20AB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.5.0.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9B7D92A9-BC9A-4F56-AEA6-CE06C7688070\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE1C4DE6-EB32-4A31-9FAA-D8DA31D8CF05\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.7.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A8A8E221-7045-4BAD-9B29-ABBC5216559D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.7.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"56C39DC1-AD23-4F26-9727-EC0FBDF84BEE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.7.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2513D42C-E558-4CC7-88D3-BB44F1B40157\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.7.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6F441BE8-AEC0-44F0-875E-03C65A45CF68\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.7.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"036E9715-CFAA-4F2A-B432-181EDCA3D812\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.7.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9A55FBA0-4DFC-493D-91EF-EB56C241F9CE\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D72D43DB-9A92-4E12-853B-F5FC9421D5EA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.8.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"734E79E6-4A83-4CBF-B8B3-2D6D4491728E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.8.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3631F758-5C8F-4D24-81C1-D6146B0209CB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.8.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3CB6E617-98EA-4944-9211-FFEE9E50FE55\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:10.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2952EB24-A015-4EC7-85E3-88588D0AB15B\"}]}]}],\"references\":[{\"url\":\"http://secunia.com/advisories/49919\",\"source\":\"psirt@us.ibm.com\"},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg1IC84614\",\"source\":\"psirt@us.ibm.com\"},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg1IC84712\",\"source\":\"psirt@us.ibm.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg1IC84748\",\"source\":\"psirt@us.ibm.com\"},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg1IC84750\",\"source\":\"psirt@us.ibm.com\"},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg1IC84751\",\"source\":\"psirt@us.ibm.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg21600837\",\"source\":\"psirt@us.ibm.com\"},{\"url\":\"http://www.securityfocus.com/bid/54487\",\"source\":\"psirt@us.ibm.com\"},{\"url\":\"http://secunia.com/advisories/49919\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg1IC84614\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg1IC84712\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg1IC84748\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg1IC84750\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg1IC84751\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg21600837\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/54487\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.