CVE-2021-39049: Buffer Overflow
First published: Mon Dec 13 2021(Updated: )
IBM i2 Analyst's Notebook 9.2.0, 9.2.1, and 9.2.2 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local attacker could overflow a buffer and gain lower level privileges. IBM X-Force ID: 214439.
Credit: psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM i2 Analysts Notebook |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
How does IBM i2 Analyst's Notebook 9.2.0, 9.2.1, and 9.2.2 get affected by CVE-2021-39049?
It is vulnerable to a stack-based buffer overflow due to improper bounds checking.
What is the severity of CVE-2021-39049 vulnerability in IBM i2 Analyst's Notebook?
The severity is rated as high with a CVSS score of 7.8.
What can a local attacker achieve by exploiting CVE-2021-39049 in IBM i2 Analyst's Notebook?
They could overflow a buffer and gain lower level privileges.
Is there a fix available for CVE-2021-39049 in IBM i2 Analyst's Notebook?
Refer to IBM support pages for mitigation details.
- collector/nvd-index
- agent/type
- agent/references
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/severity
- agent/author
- agent/weakness
- agent/tags
- agent/description
- agent/first-publish-date
- agent/event
- vendor/ibm
- canonical/ibm i2 analysts notebook