Test ID:	1.3.6.1.4.1.25623.1.0.800448
Category:	Databases
Title:	IBM Db2 'REPEAT()' Heap Buffer Overflow Vulnerability
Summary:	IBM Db2 and is prone to a buffer overflow vulnerability.
Description:	Summary: IBM Db2 and is prone to a buffer overflow vulnerability. Vulnerability Insight: The flaw is due to error in 'REPEAT()' function when processing SELECT statement that has a long column name generated. Vulnerability Impact: Successful exploitation will allow attacker to execute arbitrary code with elevated privileges or crash the affected application. Affected Software/OS: IBM Db2 version 9.1 before FP9, 9.5 before FP6, 9.7 before FP2. Solution: Upgrade to IBM Db2 version 9.1 FP9 or 9.5 FP6 or 9.7 FP2 or later. CVSS Score: 6.5 CVSS Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2010-0462 AIX APAR: IC65922 http://www-01.ibm.com/support/docview.wss?uid=swg1IC65922 AIX APAR: IC65933 http://www-01.ibm.com/support/docview.wss?uid=swg1IC65933 AIX APAR: IC65935 http://www-01.ibm.com/support/docview.wss?uid=swg1IC65935 BugTraq ID: 37976 http://www.securityfocus.com/bid/37976 http://intevydis.blogspot.com/2010/01/ibm-db2-97-heap-overflow.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14518 http://securitytracker.com/id?1023509 XForce ISS Database: db2-sysibm-bo(55899) https://exchange.xforce.ibmcloud.com/vulnerabilities/55899
Copyright	Copyright (C) 2010 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.