CVE-2014-3094

Published: Sep 4, 2014Modified: May 6, 2026

8.5

Vector

AV:N/AC:M/Au:S/C:C/I:C/A:C

Exploitability: 6.8 / Impact: 10.0

Source: NVD

Description

Stack-based buffer overflow in IBM DB2 9.7 through FP9a, 9.8 through FP5, 10.1 through FP4, and 10.5 before FP4 on Linux, UNIX, and Windows allows remote authenticated users to execute arbitrary code via a crafted ALTER MODULE statement.

Affected (25)

Products: Ibm: Db2

1 product

Configuration A

25 vulnerable · 2 platform

Vulnerable Software	Affected Versions
Ibm Db2	Version 10.1.0.1
Ibm Db2	Version 10.1.0.2
Ibm Db2	Version 10.1.0.3
Ibm Db2	Version 10.1.0.4
Ibm Db2	Version 10.1
Ibm Db2	Version 10.5.0.1
Ibm Db2	Version 10.5.0.2
Ibm Db2	Version 10.5.0.3
Ibm Db2	Version 10.5.0.3 a
Ibm Db2	Version 10.5
Ibm Db2	Version 9.7.0.1
Ibm Db2	Version 9.7.0.2
Ibm Db2	Version 9.7.0.3
Ibm Db2	Version 9.7.0.4
Ibm Db2	Version 9.7.0.5
Ibm Db2	Version 9.7.0.6
Ibm Db2	Version 9.7.0.7
Ibm Db2	Version 9.7.0.8
Ibm Db2	Version 9.7.0.9
Ibm Db2	Version 9.7.0.9 a
Ibm Db2	Version 9.7
Ibm Db2	Version 9.8.0.3
Ibm Db2	Version 9.8.0.4
Ibm Db2	Version 9.8.0.5
Ibm Db2	Version 9.8

Running on/with	Platform Versions
Linux Linux Kernel	All versions
Microsoft Windows	All versions

Related CWEs

Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

References (20)

http://secunia.com/advisories/58616

Source: psirt@us.ibm.com

http://secunia.com/advisories/60845

Source: psirt@us.ibm.com

http://www-01.ibm.com/support/docview.wss?uid=swg1IT02291

Source: psirt@us.ibm.com

Vendor Advisory

http://www-01.ibm.com/support/docview.wss?uid=swg1IT02592

Source: psirt@us.ibm.com

http://www-01.ibm.com/support/docview.wss?uid=swg1IT02593

Source: psirt@us.ibm.com

Vendor Advisory

http://www-01.ibm.com/support/docview.wss?uid=swg1IT02594

Source: psirt@us.ibm.com

http://www-01.ibm.com/support/docview.wss?uid=swg21681631

Source: psirt@us.ibm.com

PatchVendor Advisory

http://www-01.ibm.com/support/docview.wss?uid=swg21683296

Source: psirt@us.ibm.com

http://www.securityfocus.com/bid/69550

Source: psirt@us.ibm.com

https://exchange.xforce.ibmcloud.com/vulnerabilities/94260

Source: psirt@us.ibm.com

http://secunia.com/advisories/58616

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/60845

Source: af854a3a-2127-422b-91ae-364da2661108

http://www-01.ibm.com/support/docview.wss?uid=swg1IT02291

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www-01.ibm.com/support/docview.wss?uid=swg1IT02592

Source: af854a3a-2127-422b-91ae-364da2661108

http://www-01.ibm.com/support/docview.wss?uid=swg1IT02593

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www-01.ibm.com/support/docview.wss?uid=swg1IT02594

Source: af854a3a-2127-422b-91ae-364da2661108

http://www-01.ibm.com/support/docview.wss?uid=swg21681631

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://www-01.ibm.com/support/docview.wss?uid=swg21683296

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/69550

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/94260

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.