5 matches found
CVE-2023-27869
IBM Db2 JDBC Driver for Db2 for Linux, UNIX and Windows 10.5, 11.1, and 11.5 could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unchecked logger injection. By sending a specially crafted request using the named traceFile property, an attacker could...
CVE-2023-27869 IBM Db2 code execution
IBM Db2 JDBC Driver for Db2 for Linux, UNIX and Windows 10.5, 11.1, and 11.5 could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unchecked logger injection. By sending a specially crafted request using the named traceFile property, an attacker could...
CVE-2023-27869 IBM Db2 code execution
IBM Db2 JDBC Driver for Db2 for Linux, UNIX and Windows 10.5, 11.1, and 11.5 could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unchecked logger injection. By sending a specially crafted request using the named traceFile property, an attacker could...
PT-2023-5224 · Ibm · Ibm Db2 Jdbc Driver
Name of the Vulnerable Software and Affected Versions: IBM Db2 JDBC Driver for Db2 for Linux, UNIX and Windows versions 10.5, 11.1, and 11.5 Description: The issue is related to an unchecked logger injection in the IBM Db2 JDBC Driver, which could allow a remote authenticated attacker to execute...
Microsoft Exchange TraceFile Exposed Dangerous Function Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. The specific flaw exists within the TraceFile class. The issue results from the exposure of a dangerous function...