CVE-2018-1710: Buffer Overflow
First published: Tue Sep 18 2018(Updated: )
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 10.1, 10.5, and 11.1 tool db2licm is affected by buffer overflow vulnerability that can potentially result in arbitrary code execution. IBM X-Force ID: 146364.
Credit: psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM Db2 | =10.1 | |
| IBM Db2 | =10.5 | |
| IBM Db2 | =11.1 | |
| Linux kernel | ||
| Microsoft Windows |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2018-1710?
CVE-2018-1710 is classified as a high severity vulnerability due to the potential for arbitrary code execution.
How do I fix CVE-2018-1710?
To fix CVE-2018-1710, upgrade to a newer, patched version of IBM DB2 that addresses this buffer overflow vulnerability.
What versions of IBM DB2 are affected by CVE-2018-1710?
CVE-2018-1710 affects IBM DB2 versions 10.1, 10.5, and 11.1.
Can CVE-2018-1710 be exploited remotely?
Yes, CVE-2018-1710 can potentially be exploited remotely, allowing an attacker to execute arbitrary code.
What component of IBM DB2 does CVE-2018-1710 affect?
CVE-2018-1710 specifically affects the db2licm tool within IBM DB2.
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/severity
- agent/weakness
- agent/last-modified-date
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/ibm
- canonical/ibm db2
- version/ibm db2/10.1
- version/ibm db2/10.5
- version/ibm db2/11.1
- vendor/linux
- canonical/linux kernel
- vendor/microsoft
- canonical/microsoft windows