Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-2197

Overview

Vulnerability Score 7.1 7.1
CVE Id CVE-2012-2197
Last Modified 30 Jul 2012 12:00:00
Published 25 Jul 2012 06:42:34
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity HIGH
Authentication SINGLE_INSTANCE

CVE-2012-2197

Summary

Stack-based buffer overflow in the Java Stored Procedure infrastructure in IBM DB2 9.1 before FP12, 9.5 through FP9, 9.7 through FP6, 9.8 through FP5, and 10.1 allows remote authenticated users to execute arbitrary code by leveraging certain CONNECT and EXECUTE privileges.

Vulnerable Systems

Application

  • Ibm Db2 10.1

  • Ibm Db2 9.1

  • Ibm Db2 9.1.0.1

  • Ibm Db2 9.1.0.10

  • Ibm Db2 9.1.0.11

  • Ibm Db2 9.1.0.2

  • Ibm Db2 9.1.0.3

  • Ibm Db2 9.1.0.4

  • Ibm Db2 9.1.0.5

  • Ibm Db2 9.1.0.6

  • Ibm Db2 9.1.0.7

  • Ibm Db2 9.1.0.8

  • Ibm Db2 9.1.0.9

  • Ibm Db2 9.5

  • Ibm Db2 9.5.0.1

  • Ibm Db2 9.5.0.2

  • Ibm Db2 9.5.0.3

  • Ibm Db2 9.5.0.4

  • Ibm Db2 9.5.0.5

  • Ibm Db2 9.5.0.6

  • Ibm Db2 9.5.0.7

  • Ibm Db2 9.5.0.8

  • Ibm Db2 9.5.0.9

  • Ibm Db2 9.7

  • Ibm Db2 9.7.0.1

  • Ibm Db2 9.7.0.2

  • Ibm Db2 9.7.0.3

  • Ibm Db2 9.7.0.4

  • Ibm Db2 9.7.0.5

  • Ibm Db2 9.7.0.6

  • Ibm Db2 9.8

  • Ibm Db2 9.8.0.3

  • Ibm Db2 9.8.0.4

  • Ibm Db2 9.8.0.5


References

CONFIRM - http://www-01.ibm.com/support/docview.wss?uid=swg21600837

AIXAPAR - IC84755

AIXAPAR - IC84754

AIXAPAR - IC84753

AIXAPAR - IC84752

AIXAPAR - IC84555


Last Updated: 27 May 2016 10:57:34