CVE-2020-4701

Summary

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to a buffer overflow, caused by improper bounds checking which could allow a local attacker to execute arbitrary code on the system with root privileges.

Affected Software

VendorProductVersion RangeStatus
IBMDB2 for Linux, UNIX and Windows10.5affected
IBMDB2 for Linux, UNIX and Windows11.1affected
IBMDB2 for Linux, UNIX and Windows11.5affected

Weaknesses

  • Gain Privileges

ADP Enrichment

CVE Program Container

Additional References

References