Summary
This host is installed with IBM DB2 and is prone to buffer overflow vulnerability.
Impact
Successful exploitation will allow attacker to cause denial of service.
Impact Level: Application.
Solution
Upgrade to IBM DB2 version 9.5 FP9 or later,
For updates refer to http://www-01.ibm.com/support/docview.wss?uid=swg21588098
Insight
This flaw is due to an unspecified error within the DAS component can be exploited to compromise the component or cause a denial of service.
Affected
IBM DB2 version 9.1 through FP11
IBM DB2 version 9.5 through FP8
IBM DB2 version 9.7 through FP5
References
Severity
Classification
-
CVE CVE-2012-0711 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Sybase SQL Blank Password
- Oracle Database Server 'RDBMS' component Denial of Service Vulnerability
- Oracle Database Server MDSYS.MD Buffer Overflows and Denial of Service Vulnerabilities
- Oracle Database Server Multiple Unspecified Vulnerabilities - Jan 08
- IBM DB2 UTL_FILE Module Directory Traversal Vulnerability (Windows)