Release date:
Updated on:
Affected Systems:
IBM DB2 9.x
IBM DB2 10.x
Description:
--------------------------------------------------------------------------------
Bugtraq id: 60255
Cve id: CVE-2013-3475
IBM DB2 is a large commercial relational database system. DB2 Connect connects PCs and mobile devices to the organization's mainframe.
In the Audit functions of IBM DB2 and DB2 Connect 9.1, 9.5, 9.7, 9.8, and 10.1, The db2aud stack buffer overflow vulnerability allows local users to gain elevated permissions.
<* Source: Bartlomiej Balcerek
Link: http://xforce.iss.net/xforce/xfdb/84358
*>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
IBM
---
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Http://www.ibm.com/support/fixcentral/
Http://www-01.ibm.com/support/docview.wss? Uid = swg21639194
Http://www-01.ibm.com/support/docview.wss? Uid = swg21639355