OpenCVE

Stack-based buffer overflow in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allows attackers to execute arbitrary code via a long DASPROF and possibly other environment variables, which are copied into the buildDasPaths buffer.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:L/AC:M/Au:N/C:C/I:C/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Ibm	Db2 Universal Database

Configuration 1 [-]

OR	cpe:2.3:a:ibm:db2_universal_database::fp14::::::*
	cpe:2.3:a:ibm:db2_universal_database:::fp2:::::*

No data.

References

Link	Providers
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=583
http://secunia.com/advisories/26471
http://securitytracker.com/id?1018581
http://www-1.ibm.com/support/docview.wss?uid=swg1IY97346
http://www-1.ibm.com/support/docview.wss?uid=swg1IY99311
http://www-1.ibm.com/support/docview.wss?uid=swg21255352
http://www-1.ibm.com/support/docview.wss?uid=swg21255607
http://www.attrition.org/pipermail/vim/2007-August/001765.html
http://www.securityfocus.com/bid/25339
http://www.vupen.com/english/advisories/2007/2912
https://exchange.xforce.ibmcloud.com/vulnerabilities/36067

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2007-08-18T21:00:00

Updated: 2024-08-07T14:46:39.416Z

Reserved: 2007-08-09T00:00:00

Link: CVE-2007-4276

Vulnrichment

No data.

NVD

Status : Modified

Published: 2007-08-18T21:17:00.000

Modified: 2024-11-21T00:35:12.727

Link: CVE-2007-4276

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-08-16T00:00:00", "descriptions": [{"lang": "en", "value": "Stack-based buffer overflow in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allows attackers to execute arbitrary code via a long DASPROF and possibly other environment variables, which are copied into the buildDasPaths buffer."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-07-28T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"}, {"name": "20070818 Recent DB2 Vulnerabilities", "tags": ["mailing-list", "x_refsource_VIM"], "url": "http://www.attrition.org/pipermail/vim/2007-August/001765.html"}, {"name": "ADV-2007-2912", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2007/2912"}, {"name": "IY99311", "tags": ["vendor-advisory", "x_refsource_AIXAPAR"], "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY99311"}, {"name": "25339", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/25339"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255352"}, {"name": "1018581", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1018581"}, {"name": "26471", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/26471"}, {"name": "20070816 IBM DB2 Universal Database buildDasPaths Buffer Overflow Vulnerability", "tags": ["third-party-advisory", "x_refsource_IDEFENSE"], "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=583"}, {"name": "IY97346", "tags": ["vendor-advisory", "x_refsource_AIXAPAR"], "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY97346"}, {"name": "db2-environment-variables-bo(36067)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36067"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-4276", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Stack-based buffer overflow in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allows attackers to execute arbitrary code via a long DASPROF and possibly other environment variables, which are copied into the buildDasPaths buffer."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607", "refsource": "CONFIRM", "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"}, {"name": "20070818 Recent DB2 Vulnerabilities", "refsource": "VIM", "url": "http://www.attrition.org/pipermail/vim/2007-August/001765.html"}, {"name": "ADV-2007-2912", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/2912"}, {"name": "IY99311", "refsource": "AIXAPAR", "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY99311"}, {"name": "25339", "refsource": "BID", "url": "http://www.securityfocus.com/bid/25339"}, {"name": "http://www-1.ibm.com/support/docview.wss?uid=swg21255352", "refsource": "CONFIRM", "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255352"}, {"name": "1018581", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1018581"}, {"name": "26471", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/26471"}, {"name": "20070816 IBM DB2 Universal Database buildDasPaths Buffer Overflow Vulnerability", "refsource": "IDEFENSE", "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=583"}, {"name": "IY97346", "refsource": "AIXAPAR", "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY97346"}, {"name": "db2-environment-variables-bo(36067)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36067"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T14:46:39.416Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"}, {"name": "20070818 Recent DB2 Vulnerabilities", "tags": ["mailing-list", "x_refsource_VIM", "x_transferred"], "url": "http://www.attrition.org/pipermail/vim/2007-August/001765.html"}, {"name": "ADV-2007-2912", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2007/2912"}, {"name": "IY99311", "tags": ["vendor-advisory", "x_refsource_AIXAPAR", "x_transferred"], "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY99311"}, {"name": "25339", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/25339"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255352"}, {"name": "1018581", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://securitytracker.com/id?1018581"}, {"name": "26471", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/26471"}, {"name": "20070816 IBM DB2 Universal Database buildDasPaths Buffer Overflow Vulnerability", "tags": ["third-party-advisory", "x_refsource_IDEFENSE", "x_transferred"], "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=583"}, {"name": "IY97346", "tags": ["vendor-advisory", "x_refsource_AIXAPAR", "x_transferred"], "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY97346"}, {"name": "db2-environment-variables-bo(36067)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36067"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-4276", "datePublished": "2007-08-18T21:00:00", "dateReserved": "2007-08-09T00:00:00", "dateUpdated": "2024-08-07T14:46:39.416Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ibm:db2_universal_database:*:fp14:*:*:*:*:*:*", "matchCriteriaId": "A896A825-6BBF-46A4-992D-F80CC0A93D5C", "versionEndIncluding": "8.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:db2_universal_database:*:*:fp2:*:*:*:*:*", "matchCriteriaId": "AD1AACA4-8B6E-4DC7-A63D-7F6D1D1C7575", "versionEndIncluding": "9.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Stack-based buffer overflow in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allows attackers to execute arbitrary code via a long DASPROF and possibly other environment variables, which are copied into the buildDasPaths buffer."}, {"lang": "es", "value": "Desbordamiento de b\u00fafer basado en pila en IBM DB2 UDB 8 anterior a Fixpak 15 y 9.1 anterior a Fixpak 3 permite a atacantes ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un largo DASPROF y posiblemente otras variables de entorno, las cuales son copiadas dentro del b\u00fafer buildDasPaths."}], "id": "CVE-2007-4276", "lastModified": "2024-11-21T00:35:12.727", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 6.9, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.4, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2007-08-18T21:17:00.000", "references": [{"source": "cve@mitre.org", "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=583"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/26471"}, {"source": "cve@mitre.org", "url": "http://securitytracker.com/id?1018581"}, {"source": "cve@mitre.org", "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY97346"}, {"source": "cve@mitre.org", "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY99311"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255352"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"}, {"source": "cve@mitre.org", "url": "http://www.attrition.org/pipermail/vim/2007-August/001765.html"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/25339"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2007/2912"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36067"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=583"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/26471"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1018581"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY97346"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY99311"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255352"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.attrition.org/pipermail/vim/2007-August/001765.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/25339"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2007/2912"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36067"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}