漏洞信息详情
IBM DB2 代码问题漏洞
- CNNVD编号:CNNVD-202011-1664 <!--
- 危害等级: 高危-->
- 危害等级: 高危
- CVE编号: CVE-2020-4739
- 漏洞类型: 代码问题
- 发布时间: 2020-11-19
- 威胁类型: 本地
- 更新时间: 2021-09-14
- 厂 商:
- 漏洞来源:
-
漏洞简介
IBM DB2是美国IBM公司的一套关系型数据库管理系统。该系统的执行环境主要有UNIX、Linux、IBMi、z/OS以及Windows服务器版本。
IBM DB2 存在代码问题漏洞,攻击者可利用该漏洞可以创建一个恶意的DLL,然后将其放到IBM DB2的当前目录中,以便执行代码。
漏洞公告
目前厂商已发布升级补丁以修复漏洞,补丁获取链接:
https://www.ibm.com/support/pages/node/6370023
参考网址
来源:XF
链接:https://exchange.xforce.ibmcloud.com/vulnerabilities/188149
来源:CONFIRM
链接:https://www.ibm.com/support/pages/node/6370023
来源:www.ibm.com
链接:https://www.ibm.com/blogs/psirt/security-bulletin-ibm-db2-could-allow-a-local-authenticated-attacker-to-execute-arbitrary-code-on-the-system-caused-by-dll-search-order-hijacking-vulnerability-in-microsoft-windows-clie-3/
来源:www.ibm.com
链接:https://www.ibm.com/blogs/psirt/security-bulletin-ibm-db2-could-allow-a-local-authenticated-attacker-to-execute-arbitrary-code-on-the-system-caused-by-dll-search-order-hijacking-vulnerability-in-microsoft-windows-clie-2/
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2021.2559
来源:www.ibm.com
链接:https://www.ibm.com/blogs/psirt/security-bulletin-ibm-db2-could-allow-a-local-authenticated-attacker-to-execute-arbitrary-code-on-the-system-caused-by-dll-search-order-hijacking-vulnerability-in-microsoft-windows-clie-10/
来源:www.ibm.com
链接:https://www.ibm.com/support/pages/node/6488431
来源:www.ibm.com
链接:https://www.ibm.com/blogs/psirt/security-bulletin-ibm-db2-could-allow-a-local-authenticated-attacker-to-execute-arbitrary-code-on-the-system-caused-by-dll-search-order-hijacking-vulnerability-in-microsoft-windows-clie-12/
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2020.4210/
来源:www.ibm.com
链接:https://www.ibm.com/blogs/psirt/security-bulletin-ibm-db2-could-allow-a-local-authenticated-attacker-to-execute-arbitrary-code-on-the-system-caused-by-dll-search-order-hijacking-vulnerability-in-microsoft-windows-clie-11/
来源:www.ibm.com
链接:https://www.ibm.com/blogs/psirt/security-bulletin-ibm-db2-warehouse-has-released-a-fix-in-response-to-multiple-vulnerabilities-found-in-ibm-db2/
来源:www.ibm.com
链接:https://www.ibm.com/blogs/psirt/security-bulletin-ibm-db2-could-allow-a-local-authenticated-attacker-to-execute-arbitrary-code-on-the-system-caused-by-dll-search-order-hijacking-vulnerability-in-microsoft-windows-clie-14/
来源:www.ibm.com
链接:https://www.ibm.com/blogs/psirt/security-bulletin-ibm-db2-could-allow-a-local-authenticated-attacker-to-execute-arbitrary-code-on-the-system-caused-by-dll-search-order-hijacking-vulnerability-in-microsoft-windows-clie/
来源:www.ibm.com
链接:https://www.ibm.com/blogs/psirt/security-bulletin-ibm-db2-could-allow-a-local-authenticated-attacker-to-execute-arbitrary-code-on-the-system-caused-by-dll-search-order-hijacking-vulnerability-in-microsoft-windows-clie-13/
来源:www.ibm.com
链接:https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-have-been-identified-in-ibm-db2-shipped-with-ibm-storediq-for-legal/
来源:www.ibm.com
链接:https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-in-ibm-db2-affect-the-ibm-spectrum-protect-server-cve-2020-4701-cve-2020-4739/
来源:nvd.nist.gov
链接:https://nvd.nist.gov/vuln/detail/CVE-2020-4739
来源:vigilance.fr
链接:https://vigilance.fr/vulnerability/IBM-DB2-executing-DLL-code-33937
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2020.4118/
来源:www.ibm.com
链接:https://www.ibm.com/blogs/psirt/security-bulletin-ibm-db2-could-allow-a-local-authenticated-attacker-to-execute-arbitrary-code-on-the-system-caused-by-dll-search-order-hijacking-vulnerability-in-microsoft-windows-clie-5/
来源:www.ibm.com
链接:https://www.ibm.com/blogs/psirt/security-bulletin-ibm-db2-could-allow-a-local-authenticated-attacker-to-execute-arbitrary-code-on-the-system-caused-by-dll-search-order-hijacking-vulnerability-in-microsoft-windows-clie-4/
来源:www.ibm.com
链接:https://www.ibm.com/blogs/psirt/security-bulletin-ibm-db2-could-allow-a-local-authenticated-attacker-to-execute-arbitrary-code-on-the-system-caused-by-dll-search-order-hijacking-vulnerability-in-microsoft-windows-clie-6/
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2020.4118.2/
来源:www.ibm.com
链接:https://www.ibm.com/blogs/psirt/security-bulletin-ibm-db2-could-allow-a-local-authenticated-attacker-to-execute-arbitrary-code-on-the-system-caused-by-dll-search-order-hijacking-vulnerability-in-microsoft-windows-clie-9/
来源:www.ibm.com
链接:https://www.ibm.com/blogs/psirt/security-bulletin-ibm-db2-could-allow-a-local-authenticated-attacker-to-execute-arbitrary-code-on-the-system-caused-by-dll-search-order-hijacking-vulnerability-in-microsoft-windows-clie-8/
受影响实体
暂无
补丁
- IBM DB2 代码问题漏洞的修复措施<!--2020-11-19-->
还没有评论,来说两句吧...