CVE-2003-0836 — Improper Restriction of Operations within the Bounds of a Memory Buffer in IBM DB2 Universal Database

3 documents3 sources

Severity

7.5HIGHNVD

EPSS

1.0%

top 22.55%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM DB2 Universal Database

Timeline

PublishedNov 17

Latest updateApr 29

Description

Stack-based buffer overflow in IBM DB2 Universal Data Base 7.2 before Fixpak 10 and 10a, and 8.1 before Fixpak 2, allows attackers with "Connect" privileges to execute arbitrary code via a LOAD command.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

▶NVDibm/db2_universal_database7.2, 8.1+1

🔴Vulnerability Details

GHSA

GHSA-727m-cq8c-8qrv: Stack-based buffer overflow in IBM DB2 Universal Data Base 7↗2022-04-29

▶

CVEList

CVE-2003-0836: Stack-based buffer overflow in IBM DB2 Universal Data Base 7↗2003-10-08

▶