Two vulnerabilities in IBM DB2
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 2 |
| CVE-ID | CVE-2017-1105 CVE-2017-1297 |
| CWE-ID | CWE-120 CWE-121 |
| Exploitation vector | Local |
| Public exploit | Public exploit code for vulnerability #2 is available. |
| Vulnerable software |
IBM DB2 Server applications / Database software Other |
| Vendor |
IBM Corporation |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
1) Buffer overflow
EUVDB-ID: #VU7189
Risk: Low
CVSSv4.0: 5.5 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/E:U/U:Clear]
CVE-ID: CVE-2017-1105
CWE-ID:
CWE-120 - Buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to cause DoS condition on the target system.
The weakness exists in IBM DB2 due to buffer overflow. A local attacker can trigger memory corruption to overwrite DB2 files and cause the system to crash.
Successful exploitation of the vulnerability results in denial of service.
Update to version 11.1.2 FP2; APARs IT20563, IT20461, IT20568, IT20567.
Vulnerable software versionsIBM DB2: 9.7 - 11.1.0.0
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_db2:9.7:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_db2:10.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_db2:10.5:*:*:*:*:*:*:*
- cpe:2.3::::11.1.0.0:*:*:*:*:*:*:*
https://www-01.ibm.com/support/docview.wss?uid=swg22003877
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Stack-based buffer overflow
EUVDB-ID: #VU7190
Risk: Low
CVSSv4.0: 8.5 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:P/U:Clear]
CVE-ID: CVE-2017-1297
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: Yes
DescriptionThe vulnerability allows a local attacker to gain elevated privileges on the target system.
The weakness exists in IBM DB2 due to stack-based buffer overflow in the Command Line Process (CLP). A local attacker can supply specially crafted data to trigger memory corruption and execute arbitrary code with elevated privileges.
Successful exploitation of the vulnerability may result in system compromise.
Update to version 11.1.2 FP2; APARs IT20498, IT20570, IT20571.
Vulnerable software versionsIBM DB2: 9.7 - 11.1.0.0
CPE2.3https://www-01.ibm.com/support/docview.wss?uid=swg22004878
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
