PT-2007-2515 · Ibm · Ibm Db2
Joshua J. Drake
·
Publicado
2007-02-23
·
Atualizado
2019-05-23
·
CVE-2007-1087
CVSS v2.0
7.2
Alta
| Vetor | AV:L/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
IBM DB2 versions 8.x before 8.1 FixPak 15
IBM DB2 versions 9.1 before Fix Pack 2
Description
The issue is related to improper termination of certain input strings, which can lead to a heap-based buffer overflow. This allows local users to execute arbitrary code via unspecified environment variables.
Recommendations
For IBM DB2 versions 8.x before 8.1 FixPak 15, apply FixPak 15 to resolve the issue.
For IBM DB2 versions 9.1 before Fix Pack 2, apply Fix Pack 2 to resolve the issue.
Correção
Buffer Overflow
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Ibm Db2