Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Stack-based buffer overflow in IBM DB2 Universal Data Base 7.2 for Windows, before Fixpak 10a, allows attackers with "Connect" privileges to execute arbitrary code via the INVOKE command.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
IBM DB2 Invoke存储过程远程缓冲区溢出漏洞
Vulnerability Description
DB2是一款IBM的关系数据库软件。 DB2处理INVOKE存储过程命令缺少充分的边界缓冲区检查,远程攻击者可以利用这个漏洞触发缓冲区溢出,可能以DB2进程权限在系统上执行任意指令。 DB2的INVOKE命令可调用数据库中的过程存储,也就是所说的数据库应用远程接口(DARI)。攻击者提交特殊构建的INVOKE命令,可导致触发缓冲区溢出,精心构建提交数据可能以DB2进程权限在系统上执行任意指令。在Windows系统下一般为系统权限。
CVSS Information
N/A
Vulnerability Type
N/A