Published: 28/01/2010 Updated: 19/09/2017

CVSS v2 Base Score: 6.5 | Impact Score: 6.4 | Exploitability Score: 8

VMScore: 655

Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P

Heap-based buffer overflow in IBM DB2 9.1 before FP9, 9.5 before FP6, and 9.7 before FP2 allows remote authenticated users to have an unspecified impact via a SELECT statement that has a long column name generated with the REPEAT function.

Vulnerable Product	Search on Vulmon	Subscribe to Product
ibm db2 9.1
ibm db2 9.5
ibm db2 9.7

source: wwwsecurityfocuscom/bid/37976/info IBM DB2 is prone to a heap-based buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data Attackers can exploit this issue to execute arbitrary code with elevated privileges or crash the affected application The issue affects the fo ...

CWE-119 http://www.securityfocus.com/bid/37976 http://securitytracker.com/id?1023509 http://intevydis.blogspot.com/2010/01/ibm-db2-97-heap-overflow.html http://www-01.ibm.com/support/docview.wss?uid=swg21426108 http://www-01.ibm.com/support/docview.wss?uid=swg1IC65922 http://www-01.ibm.com/support/docview.wss?uid=swg1IC65935 http://www-01.ibm.com/support/docview.wss?uid=swg21432298 http://www-01.ibm.com/support/docview.wss?uid=swg1IC65933 ftp://public.dhe.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT https://exchange.xforce.ibmcloud.com/vulnerabilities/55899 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14518 https://nvd.nist.gov https://www.exploit-db.com/exploits/33572/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2010-0462

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect