Stack-based buffer overflow in the Java Stored Procedure infrastructure in
IBM DB2 9.1 before FP12, 9.5 through FP9, 9.7 through FP6, 9.8 through FP5,
and 10.1 allows remote authenticated users to execute arbitrary code by
leveraging certain CONNECT and EXECUTE privileges.
Author | Note |
---|---|
tyhicks | A fix pack for 9.7 is not yet available as of 2012-07-25 |
www-01.ibm.com/support/docview.wss?uid=swg1IC84555
www-01.ibm.com/support/docview.wss?uid=swg1IC84752
www-01.ibm.com/support/docview.wss?uid=swg1IC84753
www-01.ibm.com/support/docview.wss?uid=swg1IC84754
www-01.ibm.com/support/docview.wss?uid=swg1IC84755
www-01.ibm.com/support/docview.wss?uid=swg21600837
launchpad.net/bugs/cve/CVE-2012-2197
nvd.nist.gov/vuln/detail/CVE-2012-2197
security-tracker.debian.org/tracker/CVE-2012-2197
www.cve.org/CVERecord?id=CVE-2012-2197