Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-1583

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2002-1583
Last Modified 05 Sep 2008 04:30:59
Published 28 Sep 2004 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2002-1583

Summary

Buffer overflow in sqllib/security/db2ckpw for IBM DB2 Universal Database 6.0 and 7.0 allows local users to execute arbitrary code via a long username that is read from a file descriptor argument.

Vulnerable Systems

Application

  • Ibm Db2 Universal Database 6.0

  • Ibm Db2 Universal Database 7.0

  • Ibm Db2 Universal Database 7.1

  • Ibm Db2 Universal Database 7.2

  • Ibm Db2 Universal Database 8.2


References

IBM - MSS-OAR-E01-2002:318.1

BID - 4817

XF - ibm-db2-db2ckpw-bo(9078)


Last Updated: 27 May 2016 10:37:24