CVE-2012-4826

high

Description

Stack-based buffer overflow in the SQL/PSM (aka SQL Persistent Stored Module) Stored Procedure (SP) infrastructure in IBM DB2 9.1, 9.5, 9.7 before FP7, 9.8, and 10.1 might allow remote authenticated users to execute arbitrary code by debugging a stored procedure.

References

http://www.securityfocus.com/bid/56133

http://www-01.ibm.com/support/docview.wss?uid=swg21614536

http://www-01.ibm.com/support/docview.wss?uid=swg21450666

http://www-01.ibm.com/support/docview.wss?uid=swg1IC87192

http://www-01.ibm.com/support/docview.wss?uid=swg1IC86783

http://www-01.ibm.com/support/docview.wss?uid=swg1IC86782

http://www-01.ibm.com/support/docview.wss?uid=swg1IC86781

http://www-01.ibm.com/support/docview.wss?uid=swg1IC86765

http://osvdb.org/86414

Details

Source: Mitre, NVD

Published: 2012-10-20

Updated: 2025-04-11

Risk Information

CVSS v2

Base Score: 8.5

Vector: CVSS2#AV:N/AC:M/Au:S/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High

EPSS

EPSS: 0.18365