Lucene search

MitreCVE-2007-4423

HistoryAug 18, 2007 - 9:17 p.m.

CVE-2007-4423

2007-08-1821:17:00

CWE-119

mitre

web.nvd.nist.gov

cve-2007-4423

ibm

db2 udb

buffer overflow

denial of service

arbitrary code

security vulnerability

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

7.8

Confidence

High

EPSS

0.036

Percentile

91.7%

JSON

Stack-based buffer overflow in the AUTH_LIST_GROUPS_FOR_AUTHID function in IBM DB2 UDB 9.1 before Fixpak 3 allows attackers to cause a denial of service and possibly execute arbitrary code via a long argument.

Affected configurations

Nvd

Node

ibmdb2_universal_databaseMatch8.0

ibmdb2_universal_databaseMatch9.0

ibmdb2_universal_databaseMatch9.1fp2

VendorProductVersionCPE
ibmdb2_universal_database8.0cpe:2.3:a:ibm:db2_universal_database:8.0:*:*:*:*:*:*:*
ibmdb2_universal_database9.0cpe:2.3:a:ibm:db2_universal_database:9.0:*:*:*:*:*:*:*
ibmdb2_universal_database9.1cpe:2.3:a:ibm:db2_universal_database:9.1:*:fp2:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	db2_universal_database	8.0	cpe:2.3:a:ibm:db2_universal_database:8.0:::::::*
ibm	db2_universal_database	9.0	cpe:2.3:a:ibm:db2_universal_database:9.0:::::::*
ibm	db2_universal_database	9.1	cpe:2.3:a:ibm:db2_universal_database:9.1::fp2:::::

References

secunia.com/advisories/26471

www-1.ibm.com/support/docview.wss?uid=swg1IZ01828

www-1.ibm.com/support/docview.wss?uid=swg21255607

www.appsecinc.com/resources/alerts/db2/2007-01.shtml

www.attrition.org/pipermail/vim/2007-August/001765.html

www.securityfocus.com/archive/1/478313/100/0/threaded

www.securityfocus.com/bid/25339

www.securitytracker.com/id?1018640

www.vupen.com/english/advisories/2007/2912

exchange.xforce.ibmcloud.com/vulnerabilities/36065

exchange.xforce.ibmcloud.com/vulnerabilities/36111

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

7.8

Confidence

High

EPSS

0.036

Percentile

91.7%

JSON

Related for CVE-2007-4423