CVE-2005-4864Improper Restriction of Operations within the Bounds of a Memory Buffer in IBM DB2 Universal Database

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer3 documents3 sources
Severity
7.2HIGHNVD
EPSS
0.0%
top 85.06%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM DB2 Universal Database
Timeline
PublishedDec 31
Latest updateMay 1

Description

Stack-based buffer overflow in libdb2.so in IBM DB2 7.x and 8.1 allows local users to execute arbitrary code via a long DB2LPORT environment variable.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages1 packages

NVDibm/db2_universal_database5 versions+4

Patches

Patch: secunia.comPatch: www-1.ibm.comPatch: www.securityfocus.com

🔴Vulnerability Details

2
GHSA
GHSA-hv4v-qgpx-4225: Stack-based buffer overflow in libdb22022-05-01
CVEList
CVE-2005-4864: Stack-based buffer overflow in libdb22007-10-06
CVE-2005-4864 — IBM vulnerability | cvebase