CVE-2014-3094

Published Sep 4, 2014

Last updated 7 years ago

Overview

Description: Stack-based buffer overflow in IBM DB2 9.7 through FP9a, 9.8 through FP5, 10.1 through FP4, and 10.5 before FP4 on Linux, UNIX, and Windows allows remote authenticated users to execute arbitrary code via a crafted ALTER MODULE statement.
Source: psirt@us.ibm.com
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 8.5
Impact score: 10
Exploitability score: 6.8
Vector string: AV:N/AC:M/Au:S/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: CWE-119

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:ibm:db2:9.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CE1C4DE6-EB32-4A31-9FAA-D8DA31D8CF05"
          },
          {
            "criteria": "cpe:2.3:a:ibm:db2:9.7.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A8A8E221-7045-4BAD-9B29-ABBC5216559D"
          },
          {
            "criteria": "cpe:2.3:a:ibm:db2:9.7.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "56C39DC1-AD23-4F26-9727-EC0FBDF84BEE"
          },
          {
            "criteria": "cpe:2.3:a:ibm:db2:9.7.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2513D42C-E558-4CC7-88D3-BB44F1B40157"
          },
          {
            "criteria": "cpe:2.3:a:ibm:db2:9.7.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6F441BE8-AEC0-44F0-875E-03C65A45CF68"
          },
          {
            "criteria": "cpe:2.3:a:ibm:db2:9.7.0.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "036E9715-CFAA-4F2A-B432-181EDCA3D812"
          },
          {
            "criteria": "cpe:2.3:a:ibm:db2:9.7.0.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9A55FBA0-4DFC-493D-91EF-EB56C241F9CE"
          },
          {
            "criteria": "cpe:2.3:a:ibm:db2:9.7.0.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B539123F-B8AC-4051-9458-A780C68E9667"
          },
          {
            "criteria": "cpe:2.3:a:ibm:db2:9.7.0.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D3958E50-1F97-4C06-AF22-C635FB2557A0"
          },
          {
            "criteria": "cpe:2.3:a:ibm:db2:9.7.0.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "57AC4D14-805A-42F6-9348-D13C9A48136F"
          },
          {
            "criteria": "cpe:2.3:a:ibm:db2:9.7.0.9:a:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2B1F07F2-3F58-4999-97E9-50C627D9CB84"
          },
          {
            "criteria": "cpe:2.3:a:ibm:db2:9.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D72D43DB-9A92-4E12-853B-F5FC9421D5EA"
          },
          {
            "criteria": "cpe:2.3:a:ibm:db2:9.8.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "734E79E6-4A83-4CBF-B8B3-2D6D4491728E"
          },
          {
            "criteria": "cpe:2.3:a:ibm:db2:9.8.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3631F758-5C8F-4D24-81C1-D6146B0209CB"
          },
          {
            "criteria": "cpe:2.3:a:ibm:db2:9.8.0.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3CB6E617-98EA-4944-9211-FFEE9E50FE55"
          },
          {
            "criteria": "cpe:2.3:a:ibm:db2:10.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2952EB24-A015-4EC7-85E3-88588D0AB15B"
          },
          {
            "criteria": "cpe:2.3:a:ibm:db2:10.1.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E5FA4086-9B5D-4352-B717-3F826DE17D4B"
          },
          {
            "criteria": "cpe:2.3:a:ibm:db2:10.1.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AD79FF24-6C10-437B-86AF-E211B8C6FDC5"
          },
          {
            "criteria": "cpe:2.3:a:ibm:db2:10.1.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7ABB145C-44EE-47F5-9439-DE6433F8008E"
          },
          {
            "criteria": "cpe:2.3:a:ibm:db2:10.1.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0F138E08-6808-4371-9E9C-096B01126B1C"
          },
          {
            "criteria": "cpe:2.3:a:ibm:db2:10.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6E232F83-BE4C-4B3E-A5B1-53F9D95F0368"
          },
          {
            "criteria": "cpe:2.3:a:ibm:db2:10.5.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4B27E1F7-888C-40EE-85FF-B5DC099828C3"
          },
          {
            "criteria": "cpe:2.3:a:ibm:db2:10.5.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "57DCF076-B475-41E6-B1ED-44FBC99238C2"
          },
          {
            "criteria": "cpe:2.3:a:ibm:db2:10.5.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BDB1972D-F7FC-4ABA-9DEE-9953D2572944"
          },
          {
            "criteria": "cpe:2.3:a:ibm:db2:10.5.0.3:a:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CA651B7E-418B-4C3C-9A83-7E25342D884F"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "155AD4FB-E527-4103-BCEF-801B653DEA37"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References