2 matches found
Security vulnerabilities have been identified in IBM DB2 shipped with IBM Maximo Asset Management (CVE-2019-4448, CVE-2019-4447)
Summary IBM DB2 is shipped as a component of IBM Maximo Asset Management. Information about the security vulnerability affecting IBM DB2 has been published in a security bulletin. Vulnerability Details CVEID: CVE-2019-4447 DESCRIPTION: IBM DB2 High Performance Unload load shared libraries from an...
CVE-2019-4448
CVE-2019-4448 affects IBM DB2 High Performance Unload (HPU) load for LUW. The vulnerable binaries db2hpum and db2hpum_debug are setuid root and provide built-in options to load arbitrary libraries from a privileged context, enabling a low-privilege user to execute arbitrary code with root authori...