The host is installed with IBM DB2 9.1 before FP9 or 9.5 before FP6a or 9.7 before FP2 and is prone to Heap-based buffer overflow vulnerability. A flaw is present in the application which does not properly handle bounds check. Successful exploitation allow remote attacker could overflow a buffer and execute arbitrary code on the system with elevated privileges or cause the database server to crash via a specially-crafted SELECT REPEAT query to a SYSIBM table.