CVE-2011-0731

IBM DB2 < 9.1 FP10, < 9.5 FP7, < 9.7 FP3 - Remote Code Execution via Buffer Overflow in DB2 Administration Server

Title source: llm
STIX 2.1

Description

Buffer overflow in the DB2 Administration Server (DAS) component in IBM DB2 9.1 before FP10, 9.5 before FP7, and 9.7 before FP3 on Linux, UNIX, and Windows allows remote attackers to execute arbitrary code via unspecified vectors.

References (7)

Core 7
Core References
Various Sources vendor-advisory x_refsource_aixapar
http://www-01.ibm.com/support/docview.wss?uid=swg1IC71203
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/46052
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/70683
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14699
Various Sources vendor-advisory x_refsource_aixapar
http://www-01.ibm.com/support/docview.wss?uid=swg1IC72028
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/43059
Various Sources vendor-advisory x_refsource_aixapar
http://www-01.ibm.com/support/docview.wss?uid=swg1IC72029

Scores

EPSS 0.0446
EPSS Percentile 90.3%

Details

CWE
CWE-119
Status published
Products (6)
ibm/db2 9.1 (14 CPE variants)
ibm/db2 9.5 (11 CPE variants)
ibm/db2 9.7 (2 CPE variants)
ibm/db2 < 9.1
ibm/db2 < 9.5
ibm/db2 < 9.7
Published Feb 01, 2011
Tracked Since Feb 18, 2026