IBM.DB2.Db2dasrrm.ReceiveDASMessage.Code.Execution

description-logoDescription

This indicates an attack attempt to exploit a buffer overflow vulnerability in IBM DB2.
This issue is caused by lacking of checking the user input passed to db2dasrrm component. It may allow remote attackers to execute arbitrary code by sending a crafted client request.

affected-products-logoAffected Products

DB2 9.1 prior to Fix Pack 10
DB2 9.5 prior to Fix Pack 7
DB2 9.7 prior to Fix Pack 3

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)