Product:

Db2_connect

(Ibm)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 17
Date Id Summary Products Score Patch Annotated
2017-09-12 CVE-2017-1452 IBM DB2 for Linux, UNIX and Windows 9.7, 10,1, 10.5, and 11.1 (includes DB2 Connect Server) could allow a local user to obtain elevated privilege and overwrite DB2 files. IBM X-Force ID: 128180. Db2, Db2_connect 7.8
2017-09-12 CVE-2017-1451 IBM DB2 for Linux, UNIX and Windows 9.7, 10,1, 10.5, and 11.1 (includes DB2 Connect Server) could allow a local user with DB2 instance owner privileges to obtain root access. IBM X-Force ID: 128178. Db2, Db2_connect 7.8
2017-09-12 CVE-2017-1439 IBM DB2 for Linux, UNIX and Windows 9.7, 10,1, 10.5, and 11.1 (includes DB2 Connect Server) could allow a local user with DB2 instance owner privileges to obtain root access. IBM X-Force ID: 128058. Db2, Db2_connect 6.7
2017-09-12 CVE-2017-1438 IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, and 11.1 (includes DB2 Connect Server) could allow a local user with DB2 instance owner privileges to obtain root access. IBM X-Force ID: 128057. Db2, Db2_connect 6.7
2017-09-12 CVE-2017-1520 IBM DB2 9.7, 10,1, 10.5, and 11.1 is vulnerable to an unauthorized command that allows the database to be activated when authentication type is CLIENT. IBM X-Force ID: 129830. Db2, Db2_connect 3.7
2017-09-12 CVE-2017-1519 IBM DB2 10.5 and 11.1 contains a denial of service vulnerability. A remote user can cause disruption of service for DB2 Connect Server setup with a particular configuration. IBM X-Force ID: 129829. Db2, Db2_connect 5.9
2017-09-12 CVE-2017-1434 IBM DB2 for Linux, UNIX and Windows 11.1 (includes DB2 Connect Server) under unusual circumstances, could expose highly sensitive information in the error log to a local user. Db2, Db2_connect 4.7
2017-06-27 CVE-2017-1297 IBM DB2 for Linux, UNIX and Windows 9.2, 10.1, 10.5, and 11.1 (includes DB2 Connect Server) is vulnerable to a stack-based buffer overflow, caused by improper bounds checking which could allow a local attacker to execute arbitrary code. IBM X-Force ID: 125159. Data_server_client, Data_server_driver_for_odbc_and_cli, Data_server_driver_package, Data_server_runtime_client, Db2, Db2_connect 7.3
2017-06-27 CVE-2017-1105 IBM DB2 for Linux, UNIX and Windows 9.2, 10.1, 10.5, and 11.1 (includes DB2 Connect Server) is vulnerable to a buffer overflow that could allow a local user to overwrite DB2 files or cause a denial of service. IBM X-Force ID: 120668. Data_server_client, Data_server_driver_for_odbc_and_cli, Data_server_driver_package, Data_server_runtime_client, Db2, Db2_connect 7.1
2016-09-30 CVE-2016-5995 Untrusted search path vulnerability in IBM DB2 9.7 through FP11, 10.1 through FP5, 10.5 before FP8, and 11.1 GA on Linux, AIX, and HP-UX allows local users to gain privileges via a Trojan horse library that is accessed by a setuid or setgid program. Db2, Db2_connect 7.3