Vulnerabilities > CVE-2023-35012 - Stack-based Buffer Overflow vulnerability in IBM DB2 11.5
Attack vector
LOCAL Attack complexity
LOW Privileges required
HIGH Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 with a Federated configuration is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local user with SYSADM privileges could overflow the buffer and execute arbitrary code on the system. IBM X-Force ID: 257763.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 | |
OS | 1 | |
OS | 1 | |
OS | 1 |