CVE-2013-3475

high

Description

Stack-based buffer overflow in db2aud in the Audit Facility in IBM DB2 and DB2 Connect 9.1, 9.5, 9.7, 9.8, and 10.1, as used in Smart Analytics System 7600 and other products, allows local users to gain privileges via unspecified vectors.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/84358

http://www.securityfocus.com/bid/60255

http://www-01.ibm.com/support/docview.wss?uid=swg21639355

http://www-01.ibm.com/support/docview.wss?uid=swg21639194

http://www-01.ibm.com/support/docview.wss?uid=swg1IC92498

http://www-01.ibm.com/support/docview.wss?uid=swg1IC92496

http://www-01.ibm.com/support/docview.wss?uid=swg1IC92495

http://www-01.ibm.com/support/docview.wss?uid=swg1IC92463

http://secunia.com/advisories/53704

http://secunia.com/advisories/52663

Details

Source: Mitre, NVD

Published: 2013-06-05

Updated: 2018-09-25

Risk Information

CVSS v2

Base Score: 7.2

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H