8.5
CVE-2012-4826
- EPSS 4.91%
- Veröffentlicht 20.10.2012 10:41:27
- Zuletzt bearbeitet 16.06.2026 23:45:45
- Quelle psirt@us.ibm.com
- CVE-Watchlists
- Unerledigt
Stack-based buffer overflow in the SQL/PSM (aka SQL Persistent Stored Module) Stored Procedure (SP) infrastructure in IBM DB2 9.1, 9.5, 9.7 before FP7, 9.8, and 10.1 might allow remote authenticated users to execute arbitrary code by debugging a stored procedure.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 4.91% | 0.91 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 8.5 | 6.8 | 10 |
AV:N/AC:M/Au:S/C:C/I:C/A:C
|
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
http://osvdb.org/86414
http://www-01.ibm.com/support/docview.wss?uid=swg1IC86765
http://www-01.ibm.com/support/docview.wss?uid=swg1IC86781
http://www-01.ibm.com/support/docview.wss?uid=swg1IC86782
http://www-01.ibm.com/support/docview.wss?uid=swg1IC86783
http://www-01.ibm.com/support/docview.wss?uid=swg1IC87192
http://www-01.ibm.com/support/docview.wss?uid=swg21450666
http://www-01.ibm.com/support/docview.wss?uid=swg21614536
http://www.securityfocus.com/bid/56133