2 matches found
CVE-2019-4587
CVE-2019-4587 affects IBM Db2 for Linux, UNIX and Windows (including Db2 Connect Server). The IBM security bulletin states a local authenticated attacker could gain elevated privileges due to an unquoted search path in sshd_worker.exe, enabling arbitrary code execution with SYSTEM privileges. Aff...
Security Bulletin: IBM® Db2® is vulnerable to privilege escalation (CVE-2019-4587)
Summary Db2 could allow a local authenticated attacker to gain elevated privileges on the system, caused by an unquoted search path in sshdworker.exe. By inserting arbitrary file in the path, an attacker could exploit this vulnerability to execute arbitrary code with SYSTEM privileges...