Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-0711

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2012-0711
Last Modified 13 Aug 2012 11:34:40
Published 20 Mar 2012 04:55:01
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2012-0711

Summary

Integer signedness error in the db2dasrrm process in the DB2 Administration Server (DAS) in IBM DB2 9.1 through FP11, 9.5 before FP9, and 9.7 through FP5 on UNIX platforms allows remote attackers to execute arbitrary code via a crafted request that triggers a heap-based buffer overflow.

Vulnerable Systems

Application

  • Ibm Db2 9.1

  • Ibm Db2 9.5

  • Ibm Db2 9.7


References

XF - db2-db2dasrrm-bo(73495)

CONFIRM - http://www-01.ibm.com/support/docview.wss?uid=swg21588093

AIXAPAR - IC80729

AIXAPAR - IC80728

AIXAPAR - IC80561


Last Updated: 27 May 2016 10:47:11