Zero-friction vulnerability management platform

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

IBM DB2 Multiple Vulnerabilities (Linux)

Information

Severity

Severity

Critical

Family

Family

Databases

CVSSv2 Base

CVSSv2 Base

10.0

CVSSv2 Vector

CVSSv2 Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Solution Type

Solution Type

Vendor Patch

Created

Created

13 years ago

Modified

Modified

3 years ago

Summary

The host is installed with IBM DB2 and is prone to multiple vulnerabilities.

Insight

Insight

The flaws are due to, - An unspecified error related to the DB2FMP process running with OS prvileges. - An error in INSTALL_JAR procedure might allow remote authenticated users to create or overwrite arbitrary files via unspecified calls. - A boundary error in DAS server code can be exploited to cause a buffer overflow via unspecified vectors.

Affected Software

Affected Software

IBM DB2 version 8 prior to Fixpak 17 IBM DB2 version 9.1 prior to Fixpak 5 IBM DB2 version 9.5 prior to Fixpak 2

Solution

Solution

Update DB2 8 Fixpak 17 or 9.1 Fixpak 5 or 9.5 Fixpak 2 or later.

Common Vulnerabilities and Exposures (CVE)