CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
5.1%
Stack-based buffer overflow in db2aud in the Audit Facility in IBM DB2 and DB2 Connect 9.1, 9.5, 9.7, 9.8, and 10.1, as used in Smart Analytics System 7600 and other products, allows local users to gain privileges via unspecified vectors.
Vendor | Product | Version | CPE |
---|---|---|---|
ibm | db2 | 9.1 | cpe:2.3:a:ibm:db2:9.1:*:*:*:*:*:*:* |
ibm | db2 | 9.5 | cpe:2.3:a:ibm:db2:9.5:*:*:*:*:*:*:* |
ibm | db2 | 9.7 | cpe:2.3:a:ibm:db2:9.7:*:*:*:*:*:*:* |
ibm | db2 | 9.8 | cpe:2.3:a:ibm:db2:9.8:*:*:*:*:*:*:* |
ibm | db2 | 10.1 | cpe:2.3:a:ibm:db2:10.1:*:*:*:*:*:*:* |
ibm | db2_connect | 9.1 | cpe:2.3:a:ibm:db2_connect:9.1:*:*:*:*:*:*:* |
ibm | db2_connect | 9.5 | cpe:2.3:a:ibm:db2_connect:9.5:*:*:*:*:*:*:* |
ibm | db2_connect | 9.7 | cpe:2.3:a:ibm:db2_connect:9.7:*:*:*:*:*:*:* |
ibm | db2_connect | 9.8 | cpe:2.3:a:ibm:db2_connect:9.8:*:*:*:*:*:*:* |
ibm | db2_connect | 10.1 | cpe:2.3:a:ibm:db2_connect:10.1:*:*:*:*:*:*:* |
secunia.com/advisories/52663
secunia.com/advisories/53704
www-01.ibm.com/support/docview.wss?uid=swg1IC92463
www-01.ibm.com/support/docview.wss?uid=swg1IC92495
www-01.ibm.com/support/docview.wss?uid=swg1IC92496
www-01.ibm.com/support/docview.wss?uid=swg1IC92498
www-01.ibm.com/support/docview.wss?uid=swg21639194
www-01.ibm.com/support/docview.wss?uid=swg21639355
www.securityfocus.com/bid/60255
exchange.xforce.ibmcloud.com/vulnerabilities/84358