CVE-2019-4523
https://notcve.org/view.php?id=CVE-2019-4523
IBM DB2 High Performance Unload load for LUW 6.1 and 6.5 is vulnerable to a buffer overflow, caused by improper bounds checking, which could allow a local attacker to execute arbitrary code on the system with root privileges. IBM X-Force ID: 165481. • https://exchange.xforce.ibmcloud.com/vulnerabilities/165481 https://supportcontent.ibm.com/support/pages/node/1073236 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2019-4448
https://notcve.org/view.php?id=CVE-2019-4448
In IBM DB2 High Performance Unload load for LUW 6.1, 6.1.0.1, 6.1.0.1 IF1, 6.1.0.2, 6.1.0.2 IF1, and 6.1.0.1 IF2, the db2hpum and db2hpum_debug binaries are setuid root and have built-in options that allow a low-privileged user to load arbitrary db2 libraries from a privileged context. This results in arbitrary code being executed with root authority. IBM X-Force ID: 163489. • http://www.ibm.com/support/docview.wss?uid=ibm10964592 https://exchange.xforce.ibmcloud.com/vulnerabilities/163489 • CWE-269: Improper Privilege Management
CVE-2019-4447
https://notcve.org/view.php?id=CVE-2019-4447
In IBM DB2 High Performance Unload load for LUW 6.1, 6.1.0.1, 6.1.0.1 IF1, 6.1.0.2, 6.1.0.2 IF1, and 6.1.0.1 IF2, db2hpum_debug is a setuid root binary that trusts the PATH environment variable. A low-privileged user can execute arbitrary commands as root by altering the PATH variable to point to a user-controlled location. When a crash is induced, the trojan gdb command is executed. IBM X-Force ID: 163488. • http://www.ibm.com/support/docview.wss?uid=ibm10964592 https://exchange.xforce.ibmcloud.com/vulnerabilities/163488 • CWE-427: Uncontrolled Search Path Element
CVE-2019-4386
https://notcve.org/view.php?id=CVE-2019-4386
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.1 could allow an authenticated user to execute a function that would cause the server to crash. IBM X-Force ID: 162714. • http://www.securityfocus.com/bid/109019 https://exchange.xforce.ibmcloud.com/vulnerabilities/162174 https://www.ibm.com/support/docview.wss?uid=ibm10886809 • CWE-749: Exposed Dangerous Method or Function
CVE-2019-4322
https://notcve.org/view.php?id=CVE-2019-4322
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 is vulnerable to a buffer overflow, which could allow an authenticated local attacker to execute arbitrary code on the system as root. IBM X-Force ID: 161202. • http://www.securityfocus.com/bid/109002 https://exchange.xforce.ibmcloud.com/vulnerabilities/161202 https://www.ibm.com/support/docview.wss?uid=ibm10884444 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer