Stack-based buffer overflow in JDBC Applet Server in IBM DB2 8.1 allows remote malicious users to execute arbitrary by connecting and sending a long username, then disconnecting gracefully and reconnecting and sending a short username and an unexpected db2java.zip version, which causes a null terminator to be removed and leads to the overflow.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm db2 universal database 7.0 |
||
ibm db2 universal database 7.2 |
||
ibm db2 universal database 8.0 |
||
ibm db2 universal database 8.1 |
||
ibm db2 universal database 7.1 |