
3 matches found

IBM Security Bulletins
added 2018/07/16 8:41 p.m., 26 views

Security Bulletin: IBM® Db2® performs unsafe deserialization in DB2 JDBC driver (CVE-2017-1677)

Summary: The Db2 JDBC driver deserializes an object unsafely, potentially leading to arbitrary code execution.
Vulnerability Details: CVEID: CVE-2017-1677. DESCRIPTION: IBM Data Server Driver for JDBC and SQLJ deserializes the contents of /tmp/connlicj.bin which leads to object injection and...

CVSS 7.8, AI score 1.6, EPSS 0.00733
Exploits: 0, Affected Software: 1
Tenable Nessus
added 2018/03/23 12:0 a.m., 140 views

IBM DB2 9.7 < FP11 Special Build 37314 / 10.1 < FP6 Special Build 37313 / 10.5 < FP10 Special Build 37311 / 11.1.3 < FP3 JDBC Driver Unsafe Deserialization Local Privilege Escalation (UNIX)

According to its version, the installation of IBM DB2 running on the remote host is either 9.7 prior to Fix Pack 11 Special Build 37314, 10.1 prior to Fix Pack 6 Special Build 37313, 10.5 prior to Fix Pack 10 Special Build 37311, or 11.1.3 prior to Fix Pack 3. It is, therefore, affected by a loca...

CVSS 7.8, AI score 7.5, EPSS 0.00733
Exploits: 0, References: 3
CVE
added 2018/03/22 12:0 p.m., 63 views

CVE-2017-1677

CVE-2017-1677 affects IBM DB2 family via unsafe deserialization in the Data Server Driver for JDBC/SQLJ. The vulnerability occurs when the driver deserializes /tmp/connlicj.bin, enabling object injection and potentially arbitrary code execution depending on the classpath. Affected products/versio...

CVSS 7.8, AI score 7.9, EPSS 0.00733
Exploits: 0, References: 4, Affected Software: 1