VYPR
High severity7.8NVD Advisory· Published Aug 26, 2019· Updated Jun 17, 2026

CVE-2019-4448

CVE-2019-4448

Description

IBM DB2 High Performance Unload load for LUW 6.1, 6.1.0.1, 6.1.0.1 IF1, 6.1.0.2, 6.1.0.2 IF1, and 6.1.0.1 IF2 db2hpum and db2hpum_debug binaries are setuid root and have built-in options that allow an low privileged user the ability to load arbitrary db2 libraries from a privileged context. This results in arbitrary code being executed with root authority. IBM X-Force ID: 163489.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • IBM/DB2 High Performance Unloadllm-fuzzy2 versions
    6.1, 6.1.0.1, 6.1.0.1 IF1, 6.1.0.2, 6.1.0.2 IF1, and 6.1.0.1 IF2+ 1 more
    • (no CPE)range: 6.1, 6.1.0.1, 6.1.0.1 IF1, 6.1.0.2, 6.1.0.2 IF1, and 6.1.0.1 IF2
    • (no CPE)range: 6.1

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.