CVE-2019-4016
Published Mar 11, 2019
Last updated 2 years ago
Overview
- Description
- IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 is vulnerable to a buffer overflow, which could allow an authenticated local attacker to execute arbitrary code on the system as root. IBM X-ForceID: 155894.
- Source
- psirt@us.ibm.com
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 7.8
- Impact score
- 5.9
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
CVSS 3.0
- Type
- Secondary
- Base score
- 8.4
- Impact score
- 5.9
- Exploitability score
- 2.5
- Vector string
- CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
CVSS 2.0
- Type
- Primary
- Base score
- 7.2
- Impact score
- 10
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- CWE-120
Configurations
[ { "nodes": [ { "negate": false, "cpeMatch": [ { "criteria": "cpe:2.3:a:ibm:db2:9.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CE1C4DE6-EB32-4A31-9FAA-D8DA31D8CF05" }, { "criteria": "cpe:2.3:a:ibm:db2:10.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2952EB24-A015-4EC7-85E3-88588D0AB15B" }, { "criteria": "cpe:2.3:a:ibm:db2:10.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6E232F83-BE4C-4B3E-A5B1-53F9D95F0368" }, { "criteria": "cpe:2.3:a:ibm:db2:11.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0DC3F2DB-9AE2-4B11-A838-167E857D831D" } ], "operator": "OR" }, { "negate": false, "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1" } ], "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "negate": false, "cpeMatch": [ { "criteria": "cpe:2.3:a:ibm:db2:9.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CE1C4DE6-EB32-4A31-9FAA-D8DA31D8CF05" }, { "criteria": "cpe:2.3:a:ibm:db2:10.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2952EB24-A015-4EC7-85E3-88588D0AB15B" }, { "criteria": "cpe:2.3:a:ibm:db2:10.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6E232F83-BE4C-4B3E-A5B1-53F9D95F0368" }, { "criteria": "cpe:2.3:a:ibm:db2:11.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0DC3F2DB-9AE2-4B11-A838-167E857D831D" } ], "operator": "OR" }, { "negate": false, "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" } ], "operator": "OR" } ], "operator": "AND" } ]