CVE-2015-1935
high
CVSS v3
—
CVSS v2
8.0
VIR risk
8.0
Description
The scalar-function implementation in IBM DB2 9.7 through FP10, 9.8 through FP5, 10.1 before FP5, and 10.5 through FP5 on Linux, UNIX, and Windows allows remote attackers to cause a denial of service or execute arbitrary code via unspecified vectors.
Predictions
Exploit likelihood
20%
Patch ETA
—
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
Vendor advisory: psirt@us.ibm.com — http://www-01.ibm.com/support/docview.wss?uid=swg21902661
Vendor advisory: psirt@us.ibm.com — http://www-01.ibm.com/support/docview.wss?uid=swg1IT08543
References
- http://www-01.ibm.com/support/docview.wss?uid=swg1IT08543
- http://www-01.ibm.com/support/docview.wss?uid=swg1IT08656
- http://www-01.ibm.com/support/docview.wss?uid=swg1IT08667
- http://www-01.ibm.com/support/docview.wss?uid=swg1IT08668
- http://www-01.ibm.com/support/docview.wss?uid=swg21902661
- http://www.securityfocus.com/bid/75908
- http://www.securitytracker.com/id/1033063
- http://www-01.ibm.com/support/docview.wss?uid=swg1IT08543
- http://www-01.ibm.com/support/docview.wss?uid=swg1IT08656
- http://www-01.ibm.com/support/docview.wss?uid=swg1IT08667
- http://www-01.ibm.com/support/docview.wss?uid=swg1IT08668
- http://www-01.ibm.com/support/docview.wss?uid=swg21902661
- http://www.securityfocus.com/bid/75908
- http://www.securitytracker.com/id/1033063
CWEs
CWE-17
Verify integrity in audit chain (admin only). AS-IS.