PT-2012-5598 · Ibm · Ibm Db2

Martin Rakhmanov

Published

2012-10-20

Updated

2013-03-02

CVE-2012-4826

CVSS v2.0

8.5

High

Vector

AV:N/AC:M/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions IBM DB2 versions 9.1, 9.5, 9.7 before FP7, 9.8, and 10.1

Description A stack-based buffer overflow issue exists in the SQL/PSM Stored Procedure infrastructure, potentially allowing remote authenticated users to execute arbitrary code by debugging a stored procedure.

Recommendations For IBM DB2 version 9.1, update to a version that includes the fix for this issue. For IBM DB2 version 9.5, update to a version that includes the fix for this issue. For IBM DB2 version 9.7, apply FP7 or a later fix pack to resolve the issue. For IBM DB2 version 9.8, update to a version that includes the fix for this issue. For IBM DB2 version 10.1, update to a version that includes the fix for this issue.

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119

Related Identifiers

CVE-2012-4826

Affected Products

Ibm Db2

PT-2012-5598 · Ibm · Ibm Db2

CVE-2012-4826

Weakness Enumeration

Related Identifiers

Affected Products

References · 10