Heap-based buffer overflow vulnerability in the db2dasrrm process in IBM DB2 (Linux)ID: oval:org.secpod.oval:def:5161 | Date: (C)2012-04-18 (M)2021-09-12 |
Class: VULNERABILITY | Family: unix |
The host is installed with IBM DB2 9.1 through FP11 or 9.5 before FP9 or 9.7 through FP5 and is prone to heap-based buffer overflow vulnerability. A flaw is present in the application, which is caused by a signedness error in the db2dasrrm process. Successful exploitation allows remote attackers to overflow a buffer and execute arbitrary code on the system with DAS privileges or cause the database server to crash.