CVE-2012-2197

Name of the Vulnerable Software and Affected Versions IBM DB2 versions 9.1 before FP12 IBM DB2 versions 9.5 through FP9 IBM DB2 versions 9.7 through FP6 IBM DB2 versions 9.8 through FP5 IBM DB2 versions 10.1

Description The issue is related to a stack-based buffer overflow in the Java Stored Procedure infrastructure. This allows remote authenticated users with certain CONNECT and EXECUTE privileges to execute arbitrary code.

Recommendations For IBM DB2 version 9.1, update to FP12 or later. For IBM DB2 version 9.5, update to FP10 or later. For IBM DB2 version 9.7, update to FP7 or later. For IBM DB2 version 9.8, update to FP6 or later. For IBM DB2 version 10.1, update to a version that includes the fix for this issue.