CVE-2018-1459: Buffer Overflow
First published: Fri May 25 2018(Updated: )
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 is vulnerable to stack based buffer overflow, caused by improper bounds checking which could lead an attacker to execute arbitrary code. IBM X-Force ID: 140210.
Credit: psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM Db2 | =9.7 | |
| IBM Db2 | =10.1 | |
| IBM Db2 | =10.5 | |
| IBM Db2 | =11.1 | |
| Linux kernel | ||
| Microsoft Windows |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2018-1459?
CVE-2018-1459 is classified as a critical vulnerability due to the potential for arbitrary code execution.
How does CVE-2018-1459 affect IBM DB2?
CVE-2018-1459 affects multiple versions of IBM DB2 through a stack-based buffer overflow caused by improper bounds checking.
How do I fix CVE-2018-1459?
To fix CVE-2018-1459, it is recommended to apply the latest patches provided by IBM for affected versions of DB2.
What systems are impacted by CVE-2018-1459?
CVE-2018-1459 impacts IBM DB2 versions 9.7, 10.1, 10.5, and 11.1 running on Linux, UNIX, and Windows.
Can CVE-2018-1459 be exploited remotely?
Yes, CVE-2018-1459 can be exploited remotely, making it a critical security risk.
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/author
- agent/severity
- agent/weakness
- agent/references
- agent/event
- agent/description
- agent/first-publish-date
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/ibm
- canonical/ibm db2
- version/ibm db2/9.7
- version/ibm db2/10.1
- version/ibm db2/10.5
- version/ibm db2/11.1
- vendor/linux
- canonical/linux kernel
- vendor/microsoft
- canonical/microsoft windows