1512111 – (CVE-2010-2232) CVE-2010-2232 derby: SYSCS_EXPORT_TABLE can be used to overwrite derby files

Bug 1512111 (CVE-2010-2232) - CVE-2010-2232 derby: SYSCS_EXPORT_TABLE can be used to overwrite derby files

Summary: CVE-2010-2232 derby: SYSCS_EXPORT_TABLE can be used to overwrite derby files

Keywords:
Status:	CLOSED NOTABUG
Alias:	CVE-2010-2232
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	low
Severity:	low
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2017-11-10 21:04 UTC by Pedro Sampaio
Modified:	2019-09-29 14:25 UTC (History)
CC List:	21 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:	2017-11-10 21:06:02 UTC
Embargoed:

Attachments	(Terms of Use)

Description Pedro Sampaio 2017-11-10 21:04:59 UTC

In Apache Derby 10.1.2.1, 10.2.2.0, 10.3.1.4, and 10.4.1.3, Export processing may allow an attacker to overwrite an existing file. 

Upstream bug:

https://issues.apache.org/jira/browse/DERBY-2925

References:

http://db.apache.org/derby/releases/release-10.6.2.1.html

Note You need to log in before you can comment on or make changes to this bug.

alazarot
anstephe
bdawidow
chazlett
drieden
etirelli
ibek
kverlaen
lef
lkundrak
lpetrovi
mat.booth
paradhya
pavelp
pdrozd
pszubiak
rrajasek
rsynek
rzhang
sdaley
sthorger