CVE-2015-1935 — IBM DB2 vulnerability

CWE-173 documents3 sources

Severity

8.0HIGHNVD

EPSS

4.2%

top 11.19%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM DB2

Timeline

PublishedJul 20

Latest updateMay 14

Description

The scalar-function implementation in IBM DB2 9.7 through FP10, 9.8 through FP5, 10.1 before FP5, and 10.5 through FP5 on Linux, UNIX, and Windows allows remote attackers to cause a denial of service or execute arbitrary code via unspecified vectors.

CVSS vector

AV:N/AC:L/C:P/I:P/A:CExploitability: 8.0 | Impact: 8.5

Affected Packages1 packages

▶NVDibm/db24 versions+3

Patches

Patch: www-01.ibm.com ↗Patch: www-01.ibm.com ↗

🔴Vulnerability Details

GHSA

GHSA-86g2-w4vm-gqxw: The scalar-function implementation in IBM DB2 9↗2022-05-14

▶

CVEList

CVE-2015-1935: The scalar-function implementation in IBM DB2 9↗2015-07-20

▶