CVE-2007-4423

CWE-119 — Buffer Overflow3 documents3 sources

Severity

5.0MEDIUM

EPSS

1.1%

top 22.40%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM DB2 Universal Database

Timeline

PublishedAug 18

Latest updateMay 1

Description

Stack-based buffer overflow in the AUTH_LIST_GROUPS_FOR_AUTHID function in IBM DB2 UDB 9.1 before Fixpak 3 allows attackers to cause a denial of service and possibly execute arbitrary code via a long argument.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDibm/db2_universal_database8.0, 9.0, 9.1+2

Patches

Patch: secunia.com ↗Patch: www-1.ibm.com ↗Patch: secunia.com ↗

🔴Vulnerability Details

GHSA

GHSA-jw92-2pmf-g68h: Stack-based buffer overflow in the AUTH_LIST_GROUPS_FOR_AUTHID function in IBM DB2 UDB 9↗2022-05-01

▶

CVEList

CVE-2007-4423: Stack-based buffer overflow in the AUTH_LIST_GROUPS_FOR_AUTHID function in IBM DB2 UDB 9↗2007-08-18

▶