Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
CVE-2010-0462
CVE information
Published
Last Modified
CVSSv2.0 Severity
Impact Analysis
Description
Heap-based buffer overflow in IBM DB2 9.1 before FP9, 9.5 before FP6, and 9.7 before FP2 allows remote authenticated users to have an unspecified impact via a SELECT statement that has a long column name generated with the REPEAT function..
CVSSv2.0 Score
- Severity
- Medium
- Base Score
- 6.5/10
- Exploit Score
- 8/10
- Access Vector
- Network
- Access Complexity
- Low
- Authentication Required
- Single
- Impact Score
- 6.4/10
- Confidentiality Impact
- Partial
- Availability Impact
- Partial
- Integrity Impact
- Partial
Products Affected
| CPE | Affected | Vulnerable | Excluding | Edit |
|---|---|---|---|---|
| cpe:2.3:a:ibm:db2:9.1:fp4:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:ibm:db2:9.5:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:ibm:db2:9.1:fp6a:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:ibm:db2:9.1:fp1:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:ibm:db2:9.5:fp4:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:ibm:db2:9.5:fp5:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:ibm:db2:9.5:fp4a:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:ibm:db2:9.1:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:ibm:db2:9.1:fp5:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:ibm:db2:9.5:fp1:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:ibm:db2:9.1:fp3:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:ibm:db2:9.1:fp7a:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:ibm:db2:9.1:fp3a:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:ibm:db2:9.1:fp2a:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:ibm:db2:9.5:fp2a:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:ibm:db2:9.1:fp6:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:ibm:db2:9.7:fp1:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:ibm:db2:9.1:fp8:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:ibm:db2:9.1:fp2:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:ibm:db2:9.1:fp4a:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:ibm:db2:9.5:fp3b:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:ibm:db2:9.5:fp2:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:ibm:db2:9.7:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:ibm:db2:9.1:fp7:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:ibm:db2:9.5:fp3:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:ibm:db2:9.5:fp3a:*:*:*:*:*:* |
Yes
|
- | - |
References
- http://www.securityfocus.com/bid/37976
- http://securitytracker.com/id?1023509
- http://intevydis.blogspot.com/2010/01/ibm-db2-97-heap-overflow.html
- http://www-01.ibm.com/support/docview.wss?uid=swg21426108
- http://www-01.ibm.com/support/docview.wss?uid=swg1IC65922
- http://www-01.ibm.com/support/docview.wss?uid=swg1IC65935
- http://www-01.ibm.com/support/docview.wss?uid=swg21432298
- http://www-01.ibm.com/support/docview.wss?uid=swg1IC65933
- ftp://public.dhe.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT
- https://exchange.xforce.ibmcloud.com/vulnerabilities/55899
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1