IBM DB2 8.x prior to 8.1 FixPak 15 and 9.1 before Fix Pack 2 does not properly terminate certain input strings, which allows local users to execute arbitrary code via unspecified environment variables that trigger a heap-based buffer overflow.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm db2 8.0 |
||
ibm db2 8.1.8a |
||
ibm db2 8.1.9 |
||
ibm db2 8.1.9a |
||
ibm db2 8.1 |
||
ibm db2 8.1.4 |
||
ibm db2 8.1.5 |
||
ibm db2 8.1.6 |
||
ibm db2 8.1.7 |
||
ibm db2 8.1.8 |
||
ibm db2 9.1 |
||
ibm db2 8.1.6c |
||
ibm db2 8.1.7b |