CVE-2012-4826
HIGH severity · CVSS 8.5 · Memory corruption
8.5CVSS HIGH
Summary
Stack-based buffer overflow in the SQL/PSM (aka SQL Persistent Stored Module) Stored Procedure (SP) infrastructure in IBM DB2 9.1, 9.5, 9.7 before FP7, 9.8, and 10.1 might allow remote authenticated users to execute arbitrary code by debugging a stored procedure.
Impact & exploitability
Attack vectorNetwork
Attack complexity—
Privileges required—
User interaction—
Confidentiality impact—
Integrity impact—
Availability impact—
Exploit probability (EPSS)5%
AV:N/AC:M/Au:S/C:C/I:C/A:C
Affected products we track (1)
Recommendation
Apply the vendor fix promptly. Open any affected product above for its exact safe version.
Additional information
- NVD record
- http://www-01.ibm.com/support/docview.wss?uid=swg1IC86781Advisory
- http://www-01.ibm.com/support/docview.wss?uid=swg21450666Advisory
- http://www-01.ibm.com/support/docview.wss?uid=swg21614536Advisory
- http://osvdb.org/86414
- http://www-01.ibm.com/support/docview.wss?uid=swg1IC86765
- http://www-01.ibm.com/support/docview.wss?uid=swg1IC86782
- http://www-01.ibm.com/support/docview.wss?uid=swg1IC86783
- http://www-01.ibm.com/support/docview.wss?uid=swg1IC87192