PT-2007-2515 · Ibm · Ibm Db2

Joshua J. Drake

Published

2007-02-23

Updated

2019-05-23

CVE-2007-1087

CVSS v2.0

7.2

High

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions IBM DB2 versions 8.x before 8.1 FixPak 15 IBM DB2 versions 9.1 before Fix Pack 2

Description The issue is related to improper termination of certain input strings, which can lead to a heap-based buffer overflow. This allows local users to execute arbitrary code via unspecified environment variables.

Recommendations For IBM DB2 versions 8.x before 8.1 FixPak 15, apply FixPak 15 to resolve the issue. For IBM DB2 versions 9.1 before Fix Pack 2, apply Fix Pack 2 to resolve the issue.

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119

Related Identifiers

CVE-2007-1087

Affected Products

Ibm Db2

PT-2007-2515 · Ibm · Ibm Db2

CVE-2007-1087

Weakness Enumeration

Related Identifiers

Affected Products

References · 7