PT-2018-13125 · Ibm · Ibm Db2
Published
2018-07-10
·
Updated
2019-10-09
·
CVE-2018-1566
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) versions 9.7, 10.1, 10.5, and 11.1
Description
The issue is caused by a format string error, which could allow a local user to execute arbitrary code.
Recommendations
For versions 9.7, 10.1, 10.5, and 11.1, update to a version that includes the fix for the format string error.
Fix
Use of Externally-Controlled Format String
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ibm Db2