CVE-2012-4826: Buffer Overflow
First published: Sat Oct 20 2012(Updated: )
Stack-based buffer overflow in the SQL/PSM (aka SQL Persistent Stored Module) Stored Procedure (SP) infrastructure in IBM DB2 9.1, 9.5, 9.7 before FP7, 9.8, and 10.1 might allow remote authenticated users to execute arbitrary code by debugging a stored procedure.
Credit: psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Ibm Db2 | =9.1 | |
| Ibm Db2 | =9.5 | |
| Ibm Db2 | =9.7 | |
| Ibm Db2 | =9.7.0.1 | |
| Ibm Db2 | =9.7.0.2 | |
| Ibm Db2 | =9.7.0.3 | |
| Ibm Db2 | =9.7.0.4 | |
| Ibm Db2 | =9.7.0.5 | |
| Ibm Db2 | =9.7.0.6 | |
| Ibm Db2 | =9.8 | |
| Ibm Db2 | =10.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://osvdb.org/86414
- http://www-01.ibm.com/support/docview.wss?uid=swg1IC86765
- http://www-01.ibm.com/support/docview.wss?uid=swg1IC86781
- http://www-01.ibm.com/support/docview.wss?uid=swg1IC86782
- http://www-01.ibm.com/support/docview.wss?uid=swg1IC86783
- http://www-01.ibm.com/support/docview.wss?uid=swg1IC87192
- http://www-01.ibm.com/support/docview.wss?uid=swg21450666
- http://www-01.ibm.com/support/docview.wss?uid=swg21614536
- http://www.securityfocus.com/bid/56133
- collector/nvd-index
- agent/weakness
- agent/references
- agent/author
- agent/severity
- agent/tags
- agent/type
- agent/event
- agent/description
- agent/last-modified-date
- vendor/ibm
- canonical/ibm db2
- version/ibm db2/9.1
- version/ibm db2/9.5
- version/ibm db2/9.7
- version/ibm db2/9.7.0.1
- version/ibm db2/9.7.0.2
- version/ibm db2/9.7.0.3
- version/ibm db2/9.7.0.4
- version/ibm db2/9.7.0.5
- version/ibm db2/9.7.0.6
- version/ibm db2/9.8
- version/ibm db2/10.1