CVE-2005-4863Improper Restriction of Operations within the Bounds of a Memory Buffer in IBM DB2 Universal Database

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer3 documents3 sources
Severity
7.2HIGHNVD
EPSS
0.0%
top 85.06%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM DB2 Universal Database
Timeline
PublishedDec 31
Latest updateMay 1

Description

Stack-based buffer overflow in db2fmp in IBM DB2 7.x and 8.1 allows local users to execute arbitrary code via a long parameter.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages1 packages

NVDibm/db2_universal_database4 versions+3

Patches

Patch: secunia.comPatch: www-1.ibm.comPatch: www.securityfocus.com

🔴Vulnerability Details

2
GHSA
GHSA-77g4-qr46-24gf: Stack-based buffer overflow in db2fmp in IBM DB2 72022-05-01
CVEList
CVE-2005-4863: Stack-based buffer overflow in db2fmp in IBM DB2 72007-10-06
CVE-2005-4863 — IBM vulnerability | cvebase