CVE-2018-1978

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 is vulnerable to a buffer overflow, which could allow an authenticated local attacker to execute arbitrary code on the system as root. IBM X-ForceID: 154069.

Published : 2019-03-11 22:29 Updated : 2019-10-09 23:39

7.2
CVSS Score More info
Score 7.2 / 10
7.2
Vendor Product Version URI
Ibm Db2 9.7 cpe:/a:ibm:db2:9.7
Ibm Db2 10.1 cpe:/a:ibm:db2:10.1
Ibm Db2 10.5 cpe:/a:ibm:db2:10.5
Ibm Db2 11.1 cpe:/a:ibm:db2:11.1
  1. Ibm (1) Search CVE
    1. Db2 (4) Search CVE
      1. 9.7
      2. 10.1
      3. 10.5
      4. 11.1

CWE

ID Name Description Links
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer. CVE

History of changes

Date Event
2019-03-15 16:51
2019-03-15 10:29
2019-03-12 14:29
2019-03-11 22:29

New CVE