VULHUB ™

Remotely exploitable buffer overflow vulnerabilities exist in IBM DB2. These issues are due to insufficient bounds checking of data handled through XML Extender UDF's. Successful exploitation may allow execution of arbitrary code with the privilege of the DB2 UDB processes. It is reported that privileged code execution is also possible. These are likely some of the issues announced in BIDs 11089 and 11327. It is now being assigned its own BID since the vendor has provided additional technical information.

Remotely exploitable buffer overflow vulnerabilities exist in IBM DB2. These issues are due to insufficient bounds checking of data handled through XML Extender UDF's. Successful exploitation may allow execution of arbitrary code with the privilege of the DB2 UDB processes. It is reported that privileged code execution is also possible. These are likely some of the issues announced in BIDs 11089 and 11327. It is now being assigned its own BID since the vendor has provided additional technical information.