IBM DB2 REPEAT()函数远程堆溢出漏洞

BUGTRAQ ID: 37976 IBM DB2是一个大型的商业关系数据库系统，面向电子商务、商业资讯、内容管理、客户关系管理等应用，可运行于AIX、HP-UX、Linux、Solaris、Windows等系统。 远程攻击者可以通过向REPEAT函数提交超长的SELECT语句参数触发堆溢出，导致执行任意指令。 IBM DB2 Universal Database 9.7 厂商补丁： IBM --- 目前厂商还没有提供补丁或者升级程序，我们建议使用此软件的用户随时关注厂商的主页以获取最新版本： http://www.ers.ibm.com/ SELECT...

IBM DB2 - 'REPEAT()' Local Heap Buffer Overflow

source: https://www.securityfocus.com/bid/37976/info IBM DB2 is prone to a heap-based buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data. Attackers can exploit this issue to execute arbitrary code with elevated privileges or crash...

IBM DB2 - REPEAT() Local Heap Buffer Overflow

IBM DB2 - REPEAT Local Heap Buffer Overflow source: https://www.securityfocus.com/bid/37976/info IBM DB2 is prone to a heap-based buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data. Attackers can exploit this issue to execute...