CVE-2023-35012
published 2023-07-17CVE-2023-35012: IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 with a Federated configuration is vulnerable to a stack-based buffer overflow, caused by…
medium6.7CVSS 3.1
AVLACLPRHUINSUCHIHAH
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 with a Federated configuration is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local user with SYSADM privileges could overflow the buffer and execute arbitrary code on the system. IBM X-Force ID: 257763.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ibm | db2 | — | — |