CVE-2013-3475

IBM DB2 and DB2 Connect 9.1-10.1 - Local Privilege Escalation via Stack-Based Buffer Overflow in Audit Facility

Title source: llm
STIX 2.1

Description

Stack-based buffer overflow in db2aud in the Audit Facility in IBM DB2 and DB2 Connect 9.1, 9.5, 9.7, 9.8, and 10.1, as used in Smart Analytics System 7600 and other products, allows local users to gain privileges via unspecified vectors.

References (10)

Core 10
Core References
Various Sources vendor-advisory x_refsource_aixapar
http://www-01.ibm.com/support/docview.wss?uid=swg1IC92495
Various Sources vendor-advisory x_refsource_aixapar
http://www-01.ibm.com/support/docview.wss?uid=swg1IC92496
Various Sources vendor-advisory x_refsource_aixapar
http://www-01.ibm.com/support/docview.wss?uid=swg1IC92463
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/84358
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/53704
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/60255
Various Sources vendor-advisory x_refsource_aixapar
http://www-01.ibm.com/support/docview.wss?uid=swg1IC92498
Vendor Advisory x_refsource_confirm
http://www-01.ibm.com/support/docview.wss?uid=swg21639355
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/52663
Vendor Advisory x_refsource_confirm
http://www-01.ibm.com/support/docview.wss?uid=swg21639194

Scores

EPSS 0.0043
EPSS Percentile 34.8%

Details

CWE
CWE-119
Status published
Products (11)
ibm/db2 9.1
ibm/db2 9.5
ibm/db2 9.7
ibm/db2 9.8
ibm/db2 10.1
ibm/db2_connect 9.1
ibm/db2_connect 9.5
ibm/db2_connect 9.7
ibm/db2_connect 9.8
ibm/db2_connect 10.1
... and 1 more
Published Jun 05, 2013
Tracked Since Feb 18, 2026