CVE-2018-1566

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 could allow a local user to execute arbitrary code due to a format string error. IBM X-Force ID: 143023.

Published : 2018-07-10 16:29 Updated : 2019-10-09 23:38

4.6
CVSS Score More info
Score 4.6 / 10
4.6
Vendor Product Version URI
Ibm Db2 9.7 cpe:/a:ibm:db2:9.7
Ibm Db2 10.1 cpe:/a:ibm:db2:10.1
Ibm Db2 10.5 cpe:/a:ibm:db2:10.5
Ibm Db2 11.1 cpe:/a:ibm:db2:11.1
  1. Ibm (1) Search CVE
    1. Db2 (4) Search CVE
      1. 9.7
      2. 10.1
      3. 10.5
      4. 11.1

CWE

ID Name Description Links
CWE-134 Use of Externally-Controlled Format String The software uses a function that accepts a format string as an argument, but the format string originates from an external source. CVE

History of changes

Date Event
2018-09-05 14:48
2018-07-15 01:29
2018-07-12 01:29
2018-07-10 16:29

New CVE