CVE-2017-1105

IBM DB2 for Linux, UNIX and Windows 9.2, 10.1, 10.5, and 11.1 (includes DB2 Connect Server) is vulnerable to a buffer overflow that could allow a local user to overwrite DB2 files or cause a denial of service. IBM X-Force ID: 120668.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.1 HIGH
LOCAL
LOW
LOW
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
ibmCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 20%
VendorProductVersion
ibmdata_server_client
-
ibmdata_server_driver_for_odbc_and_cli
-
ibmdata_server_driver_package
-
ibmdata_server_runtime_client
-
ibmdb2
9.7
ibmdb2
9.7
ibmdb2
9.7
ibmdb2
9.7
ibmdb2
9.7
ibmdb2
10.1
ibmdb2
10.1
ibmdb2
10.1
ibmdb2
10.1
ibmdb2
10.1
ibmdb2
10.5
ibmdb2
10.5
ibmdb2
10.5
ibmdb2
10.5
ibmdb2
10.5
ibmdb2
11.1
ibmdb2
11.1
ibmdb2
11.1
ibmdb2
11.1
ibmdb2
11.1
ibmdb2_connect
9.7
ibmdb2_connect
9.7
ibmdb2_connect
9.7
ibmdb2_connect
10.1
ibmdb2_connect
10.1
ibmdb2_connect
10.1
ibmdb2_connect
10.5
ibmdb2_connect
10.5
ibmdb2_connect
10.5
ibmdb2_connect
11.1.0.0
ibmdb2_connect
11.1.0.0
ibmdb2_connect
11.1.0.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.ibm.com/support/docview.wss?uid=swg22003877
http://www.securityfocus.com/bid/99264
http://www.securitytracker.com/id/1038773
https://exchange.xforce.ibmcloud.com/vulnerabilities/120668
http://www.ibm.com/support/docview.wss?uid=swg22003877
http://www.securityfocus.com/bid/99264
http://www.securitytracker.com/id/1038773
https://exchange.xforce.ibmcloud.com/vulnerabilities/120668