High Severity

Security Bulletin: IBM® Db2® is vulnerable to a buffer overflow (CVE-2020-4701)

Share this post:

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) is vulnerable to a buffer overflow, caused by improper bounds checking which could allow a local attacker to execute arbitrary code on the system with root privileges.

Affected product(s) and affected version(s):

All fix pack levels of IBM Db2 V10.5, V11.1, and V11.5 editions on all platforms are affected.  IBM Db2 V10.1 and 9.7 are not affected.

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6370025

More stories

Security Bulletin: IBM API Connect is vulnerable to denial of service (DoS) via Node.js (CVE-2020-8277)

Mar 6, 2021 7:00 pm EST | High Severity

IBM API Connect has addressed the following vulnerability. ...read more

Security Bulletin: Vulnerability in jackson-databind affect IBM Spectrum Symphony

Mar 5, 2021 7:00 pm EST | High Severity

Vulnerability exist in the Jackson databind, core, and annotations version used by IBM Spectrum Symphony V7.3.1, V7.3, V7.2.1, and V7.2.0.2. Interim fixes that provide instructions on upgrading the Jackson databind, core, and annotations package to version 2.12.1 (which resolves the vulnerability) are available on IBM Fix Central. ...read more

Security Bulletin: Multiple security vulnerabilities with IBM Content Navigator component in IBM Business Automation Workflow – CVE-2020-4687, CVE-2020-4760, CVE-2020-4704

Mar 5, 2021 7:00 pm EST | High Severity

The embedded IBM Content Navigator, that is shipped with IBM Business Automation Workflow is vulnerable to several security vulnerabilities. ...read more