Stack Overflow Vulnerability in IBM DB2 Universal Data Base v7.2 for Windows

Reported October 24, 2003 by Application Security, Inc.

 

 

VERSIONS AFFECTED

 

IBM DB2 Universal Database 7.2 for Windows

 

DESCRIPTION

 

A stack-overflow vulnerability in DB2 Universal Database 7.2 for Windows can result in the execution of arbitrary code on the vulnerable server. To exploit this vulnerability, an attacker can issue a carefully crafted Invoke command.

 

VENDOR RESPONSE

 

IBM has released Fixpak 10a for DB2 v7.2 to fix this vulnerability.

 

CREDIT

 

Discovered by Application Security, Inc.

TAGS: Security
Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish