CVE-2003-0759

IBM DB2 Universal Data Base <7.2 - Buffer Overflow

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2003-0759. PoCs published by Juan Escriba.

AI-analyzed exploit summary This exploit targets a local buffer overflow in IBM DB2 v7.1's db2licm utility on Linux/x86. It uses a carefully crafted environment variable and command-line argument to overwrite the stack and execute shellcode, granting a root shell.

Description

Buffer overflow in db2licm in IBM DB2 Universal Data Base 7.2 before Fixpak 10a allows local users to gain root privileges via a long command line argument.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Juan Escriba · clocallinux
https://www.exploit-db.com/exploits/106

This exploit targets a local buffer overflow in IBM DB2 v7.1's db2licm utility on Linux/x86. It uses a carefully crafted environment variable and command-line argument to overwrite the stack and execute shellcode, granting a root shell.

Classification
Working Poc 95%
Attack Type
Lpe
Complexity
Moderate
Reliability
Reliable
Target: IBM DB2 v7.1 Linux/x86
No auth needed
Prerequisites: Local access to the target system · Presence of IBM DB2 v7.1 with db2licm utility
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (7)

Core 7
Core References
Exploit, Patch, Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/8553
Third Party Advisory, US Government Resource third-party-advisory government-resource x_refsource_ciac
http://www.ciac.org/ciac/bulletins/n-154.shtml
Third Party Advisory mailing-list x_refsource_vulnwatch
http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0114.html
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=106389919618721&w=2

Scores

EPSS 0.0105
EPSS Percentile 59.9%

Details

Status published
Products (1)
ibm/db2_universal_database 7.2
Published Oct 06, 2003
Tracked Since Feb 18, 2026