Lucene search

K

Ubuntu.comUB:CVE-2012-0711

HistoryMar 20, 2012 - 12:00 a.m.

CVE-2012-0711

2012-03-2000:00:00

ubuntu.com

ubuntu.com

9

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.139 Low

EPSS

Percentile

95.7%

Integer signedness error in the db2dasrrm process in the DB2 Administration
Server (DAS) in IBM DB2 9.1 through FP11, 9.5 before FP9, and 9.7 through
FP5 on UNIX platforms allows remote attackers to execute arbitrary code via
a crafted request that triggers a heap-based buffer overflow.

Notes

Author	Note
tyhicks	Fixed in 9.7 FP6

References

www-01.ibm.com/support/docview.wss?uid=swg1IC80561

www-01.ibm.com/support/docview.wss?uid=swg1IC80728

www-01.ibm.com/support/docview.wss?uid=swg1IC80729

www-01.ibm.com/support/docview.wss?uid=swg21588093

xforce.iss.net/xforce/xfdb/73495

launchpad.net/bugs/cve/CVE-2012-0711

nvd.nist.gov/vuln/detail/CVE-2012-0711

security-tracker.debian.org/tracker/CVE-2012-0711

www.cve.org/CVERecord?id=CVE-2012-0711

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.139 Low

EPSS

Percentile

95.7%

Related for UB:CVE-2012-0711

cve1 cvelist1 prion1 openvas2 nvd1 ibm1 nessus3