Vulnerability ID: IZ22143 Description: INSTALL_JAR can be used to create or overwrite critical files on a system. Affected Users: Users using sqlj.install_jar CVE Reference: CVE-2008-2154 Recommendation: Install v95 fp2 Temporary Workaround: As this is a known procedure which doesn't have a catalog entry. DBAs can't use REVOKE EXECUTE statement to prevent user from calling it. Status: Closed Affected Product: Db2 Linux, Unix and Windows Software Version: 9.5.0 APAR Number: IZ22143 Reported Component ID: 5765F4100 Reported Component Release: 950 Status: Closed Fix in Error: NoPE HIPER: NoHIPER Special Attention: NoSpecatt Submitted Date: May 09, 2008, 11:00 GMT+8 Closed Date: Sep 04, 2008, 11:00 GMT+8 Last Modified Date: Aug 25, 2023, 01:44 GMT+8