Summary
The host is installed with IBM DB2 and is prone to Buffer Overflow vulnerability.
Impact
Successful exploitation will allow attacker to execute arbitrary code with elevated privileges or crash the affected application.
Impact Level: System/Application
Solution
Upgrade to IBM DB2 version 9.1 FP9 or 9.5 FP6 or 9.7 FP2 or later. For updates refer to,
http://www-01.ibm.com/software/data/db2/express/download.html
Insight
The flaw is due to error in 'REPEAT()' function when processing SELECT statement that has a long column name generated.
Affected
IBM DB2 version 9.1 before FP9, 9.5 before FP6, 9.7 before FP2.
References
Severity
Classification
-
CVE CVE-2010-0462 -
CVSS Base Score: 6.5
AV:N/AC:L/Au:S/C:P/I:P/A:P
Related Vulnerabilities
- IBM DB2 Self Tuning Memory Manager (STMM) DOS Vulnerability (Win)
- Oracle MySQL Server Multiple Vulnerabilities-02 Nov12 (Windows)
- IBM solidDB 'SELECT' Statement Denial Of Service Vulnerability
- PostgreSQL Multiple Integer Overflow Vulnerabilities July14 (Windows)
- MySQL Multiple Denial of Service Vulnerabilities