CVE-2015-1935
HIGH severity · CVSS 8 · CWE-17
8CVSS HIGH
Summary
The scalar-function implementation in IBM DB2 9.7 through FP10, 9.8 through FP5, 10.1 before FP5, and 10.5 through FP5 on Linux, UNIX, and Windows allows remote attackers to cause a denial of service or execute arbitrary code via unspecified vectors.
Impact & exploitability
Attack vectorNetwork
Attack complexityLow
Privileges required—
User interaction—
Confidentiality impact—
Integrity impact—
Availability impact—
Exploit probability (EPSS)4%
AV:N/AC:L/Au:S/C:P/I:P/A:C
Affected products we track (1)
Recommendation
Apply the vendor fix promptly. Open any affected product above for its exact safe version.
Official patch: http://www-01.ibm.com/support/docview.wss?uid=swg21902661 ↗
Additional information
- NVD record
- http://www-01.ibm.com/support/docview.wss?uid=swg21902661Patch
- http://www-01.ibm.com/support/docview.wss?uid=swg1IT08543Advisory
- http://www-01.ibm.com/support/docview.wss?uid=swg1IT08656
- http://www-01.ibm.com/support/docview.wss?uid=swg1IT08667
- http://www-01.ibm.com/support/docview.wss?uid=swg1IT08668
- http://www.securityfocus.com/bid/75908
- http://www.securitytracker.com/id/1033063