PT-2009-6448 · Ibm · Ibm Db2
Published
2009-12-16
·
Updated
2010-06-29
·
CVE-2009-4325
CVSS v2.0
6.4
Medium
| Vector | AV:N/AC:L/Au:N/C:N/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
IBM DB2 versions 8.2 before FP18
IBM DB2 versions 9.1 before FP8
IBM DB2 versions 9.5 before FP5
IBM DB2 versions 9.7 before FP1
Description
The issue is related to the Client Interfaces component, which fails to validate an unspecified pointer. This allows attackers to overwrite external memory via unknown vectors due to a missing check for null pointers.
Recommendations
For IBM DB2 version 8.2, update to FP18 or later.
For IBM DB2 version 9.1, update to FP8 or later.
For IBM DB2 version 9.5, update to FP5 or later.
For IBM DB2 version 9.7, update to FP1 or later.
Exploit
Fix
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ibm Db2