CVE-2019-4057
https://notcve.org/view.php?id=CVE-2019-4057
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 could allow malicious user with access to the DB2 instance account to leverage a fenced execution process to execute arbitrary code as root. IBM X-Force ID: 156567. IBM DB2 para Linux, UNIX y Windows (incluye DB2 Connect Server) versiones 9.7, 10.1, 10.5, y 11.1 podría permitir que un usuario malintencionado con acceso a la cuenta de la instancia de DB2 aproveche un proceso de ejecución cercado para ejecutar código arbitrario como root. ID de IBM X-Force: 156567. • https://exchange.xforce.ibmcloud.com/vulnerabilities/156567 https://www.ibm.com/support/docview.wss?uid=ibm10880735 •
CVE-2019-4014
https://notcve.org/view.php?id=CVE-2019-4014
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 is vulnerable to a buffer overflow, which could allow an authenticated local attacker to execute arbitrary code on the system as root. IBM X-Force ID: 155892. IBM DB2 para Linux, UNIX y Windows, en sus versiones 9.7, 10.1, 10.5 y 11.1 (incluido DB2 Connect Server), son vulnerables a un desbordamiento de búfer, lo que podría permitir que un atacante local autenticado ejecute código arbitrario en el sistema como root. IBM X-Force ID: 155892. • https://exchange.xforce.ibmcloud.com/vulnerabilities/155892 https://www.ibm.com/support/docview.wss?uid=ibm10878793 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2018-1936
https://notcve.org/view.php?id=CVE-2018-1936
IBM DB2 9.7, 10.1, 10.5, and 11.1 libdb2e.so.1 is vulnerable to a stack based buffer overflow, caused by improper bounds checking which could allow an attacker to execute arbitrary code. IBM X-Force ID: 153316. En IBM DB2, en sus versiones 9.7, 10.1, 10.5 y 11.1, libdb2e.so.1 es vulnerable a un desbordamiento de búfer basado en pila provocado por una comprobación de límites incorrecta que podría conducir a que un atacante ejecute código arbitrario. IBM X-Force ID: 153316. • https://exchange.xforce.ibmcloud.com/vulnerabilities/153316 https://www.ibm.com/support/docview.wss?uid=ibm10741481 • CWE-787: Out-of-bounds Write •
CVE-2017-1519
https://notcve.org/view.php?id=CVE-2017-1519
IBM DB2 10.5 and 11.1 contains a denial of service vulnerability. A remote user can cause disruption of service for DB2 Connect Server setup with a particular configuration. IBM X-Force ID: 129829. IBM DB2 10.5 y 11.1 es vulnerable a denegaciones de servicio. Un usuario remoto puede provocar la interrupción del servicio en la instalación de DB2 Connect Server con una configuración específica. • http://www.ibm.com/support/docview.wss?uid=swg22007183 http://www.securityfocus.com/bid/100688 http://www.securitytracker.com/id/1039298 https://exchange.xforce.ibmcloud.com/vulnerabilities/129829 • CWE-20: Improper Input Validation •
CVE-2017-1439
https://notcve.org/view.php?id=CVE-2017-1439
IBM DB2 for Linux, UNIX and Windows 9.7, 10,1, 10.5, and 11.1 (includes DB2 Connect Server) could allow a local user with DB2 instance owner privileges to obtain root access. IBM X-Force ID: 128058. IBM DB2 para Linux, UNIX y Windows 9.7, 10,1, 10.5 y 11.1 (incluido DB2 Connect Server) podría permitir a un usuario local con privilegios de propietario en la instancia DB2 obtener acceso root. IBM X-Force ID: 128058. • http://www.ibm.com/support/docview.wss?uid=swg22006061 http://www.securityfocus.com/bid/100690 http://www.securitytracker.com/id/1039301 https://exchange.xforce.ibmcloud.com/vulnerabilities/128058 •