Home

CVE-2019-4014

Description

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 is vulnerable to a buffer overflow, which could allow an authenticated local attacker to execute arbitrary code on the system as root. IBM X-Force ID: 155892.

Risk Information

Base Score
7.8
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.07

Associated Vulnerability

VulnerabilityOS Platform
Multiple vulnerabilities affected in DB2 11.1.4.4Windows
Multiple Vulnerabilities are affected in DB2 10.1.0.0Windows
Multiple Vulnerabilities are affected in DB2 10.1.0.3Windows
Multiple Vulnerabilities are affected in DB2 10.1.0.6Windows
Multiple Vulnerabilities are affected in DB2 10.5.0.0Windows
Multiple Vulnerabilities are affected in DB2 10.5.0.10Windows
Multiple Vulnerabilities are affected in DB2 10.5.0.3Windows
Multiple Vulnerabilities are affected in DB2 10.5.0.8Windows
Multiple Vulnerabilities are affected in DB2 10.5.0.9Windows
Multiple Vulnerabilities are affected in DB2 11.1.1.1Windows
Multiple Vulnerabilities are affected in DB2 11.1.2.2Windows
Multiple Vulnerabilities are affected in DB2 11.1.3.3Windows
Multiple Vulnerabilities are affected in DB2 11.1.4.4Windows
Multiple Vulnerabilities are affected in DB2 9.7.0.9Windows

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234