Db2 Connect@11.1.0.0 Security Vulnerabilities and Issues — Db2 Connect@11.1.0.0 CVE List

Lucene search

IbmDb2 Connect11.1.0.0

10 matches found

CVE•added 2017/06/27 4:29 p.m.•67 views

CVE-2017-1297

IBM DB2 for Linux, UNIX and Windows 9.2, 10.1, 10.5, and 11.1 (includes DB2 Connect Server) is vulnerable to a stack-based buffer overflow, caused by improper bounds checking which could allow a local attacker to execute arbitrary code. IBM X-Force ID: 125159.

7.3CVSS7.3AI score0.00266EPSS

CVE•added 2017/09/12 9:29 p.m.•52 views

CVE-2017-1434

IBM DB2 for Linux, UNIX and Windows 11.1 (includes DB2 Connect Server) under unusual circumstances, could expose highly sensitive information in the error log to a local user.

4.7CVSS5.2AI score0.00068EPSS

CVE•added 2017/06/27 4:29 p.m.•50 views

CVE-2017-1105

IBM DB2 for Linux, UNIX and Windows 9.2, 10.1, 10.5, and 11.1 (includes DB2 Connect Server) is vulnerable to a buffer overflow that could allow a local user to overwrite DB2 files or cause a denial of service. IBM X-Force ID: 120668.

7.1CVSS7AI score0.00065EPSS

CVE•added 2016/10/01 1:59 a.m.•49 views

CVE-2016-5995

Untrusted search path vulnerability in IBM DB2 9.7 through FP11, 10.1 through FP5, 10.5 before FP8, and 11.1 GA on Linux, AIX, and HP-UX allows local users to gain privileges via a Trojan horse library that is accessed by a setuid or setgid program.

7.3CVSS7AI score0.0005EPSS

CVE•added 2017/09/12 9:29 p.m.•47 views

CVE-2017-1451

IBM DB2 for Linux, UNIX and Windows 9.7, 10,1, 10.5, and 11.1 (includes DB2 Connect Server) could allow a local user with DB2 instance owner privileges to obtain root access. IBM X-Force ID: 128178.

7.8CVSS7.3AI score0.00059EPSS

CVE•added 2017/09/12 9:29 p.m.•45 views

CVE-2017-1452

IBM DB2 for Linux, UNIX and Windows 9.7, 10,1, 10.5, and 11.1 (includes DB2 Connect Server) could allow a local user to obtain elevated privilege and overwrite DB2 files. IBM X-Force ID: 128180.

7.8CVSS7.3AI score0.00059EPSS

CVE•added 2017/09/12 9:29 p.m.•42 views

CVE-2017-1438

IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, and 11.1 (includes DB2 Connect Server) could allow a local user with DB2 instance owner privileges to obtain root access. IBM X-Force ID: 128057.

7.2CVSS6.6AI score0.00072EPSS

CVE•added 2017/09/12 9:29 p.m.•42 views

CVE-2017-1439

IBM DB2 for Linux, UNIX and Windows 9.7, 10,1, 10.5, and 11.1 (includes DB2 Connect Server) could allow a local user with DB2 instance owner privileges to obtain root access. IBM X-Force ID: 128058.

7.2CVSS6.6AI score0.00072EPSS

CVE•added 2017/09/12 9:29 p.m.•41 views

CVE-2017-1520

IBM DB2 9.7, 10,1, 10.5, and 11.1 is vulnerable to an unauthorized command that allows the database to be activated when authentication type is CLIENT. IBM X-Force ID: 129830.

4.3CVSS5.6AI score0.00199EPSS

CVE•added 2017/09/12 9:29 p.m.•40 views

CVE-2017-1519

IBM DB2 10.5 and 11.1 contains a denial of service vulnerability. A remote user can cause disruption of service for DB2 Connect Server setup with a particular configuration. IBM X-Force ID: 129829.

5.9CVSS6AI score0.01513EPSS