Vulnerabilities > CVE-2023-35012 - Stack-based Buffer Overflow vulnerability in IBM DB2 11.5

047910
CVSS 6.7 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
HIGH
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
local
low complexity
ibm
CWE-121

Summary

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 with a Federated configuration is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local user with SYSADM privileges could overflow the buffer and execute arbitrary code on the system. IBM X-Force ID: 257763.

Vulnerable Configurations

Part Description Count
Application
Ibm
1
OS
Ibm
1
OS
Linux
1
OS
Microsoft
1

Common Weakness Enumeration (CWE)