Vulnerability Description
Integer signedness error in the db2dasrrm process in the DB2 Administration Server (DAS) in IBM DB2 9.1 through FP11, 9.5 before FP9, and 9.7 through FP5 on UNIX platforms allows remote attackers to execute arbitrary code via a crafted request that triggers a heap-based buffer overflow.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| IBM | DB2 | 9.1 |
| IBM | AIX | All versions |
| Linux | Linux Kernel | All versions |
| Sun | SunOS | All versions |
Related Weaknesses (CWE)
References
- http://www-01.ibm.com/support/docview.wss?uid=swg1IC80561
- http://www-01.ibm.com/support/docview.wss?uid=swg1IC80728
- http://www-01.ibm.com/support/docview.wss?uid=swg1IC80729
- http://www-01.ibm.com/support/docview.wss?uid=swg21588093 (Vendor Advisory)
- http://www.securityfocus.com/bid/77826
- https://exchange.xforce.ibmcloud.com/vulnerabilities/73495
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
FAQ
What is CVE-2012-0711?
CVE-2012-0711 is a vulnerability with a CVSS score of 7.5 (HIGH). Integer signedness error in the db2dasrrm process in the DB2 Administration Server (DAS) in IBM DB2 9.1 through FP11, 9.5 before FP9, and 9.7 through FP5 on UNIX platforms allows remote attackers to e...
How severe is CVE-2012-0711?
CVE-2012-0711 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for a detailed severity breakdown.
Is there a patch for CVE-2012-0711?
Check the references section above for vendor advisories and patch information. Affected products include: IBM DB2, IBM AIX, Linux Linux Kernel, Sun SunOS.