| Vigil@nce team describes computer vulnerabilities impacting your systems, and offers solutions to correct them. |
|
 |
|
|
|
vulnerability announce CVE-2010-0462 CVE-2010-1560
IBM DB2: heap overflow via REPEAT
Synthesis of the vulnerability
| An authenticated attacker can use the REPEAT() function, in order to generate an overflow, leading to a denial of service or to code execution with database privileges. |
Severity: 2/4.
Creation date: 28/01/2010.
|
Description of the vulnerability
The SQL REPEAT() function generates a character string, which is built by repeating a pattern. For example, to obtain "HelloHello" :
SELECT REPEAT( 'Hello', 2 )
IBM DB2 checks that the size of the string is not too long. However, by using a sub-call, the size can become over 2^32, and forces the allocation of a short memory area, and then a heap overflow.
An authenticated attacker can therefore use the REPEAT() function, in order to generate an overflow, leading to a denial of service or to code execution with database privileges. |
Complete Vigil@nce bulletin
Characteristics
Title: IBM DB2: heap overflow via REPEAT.
Keywords: DB2 Hello HelloHello REPEAT SELECT SQL heap overflow.
Identifiers: 1426108, BID-37976, CVE-2010-0462, CVE-2010-1560, swg21426108, VIGILANCE-VUL-9387.
Pointed by: VIGILANCE-VUL-9610.
|
Information sources
Solutions for this vulnerability
Supplements
Computer vulnerabilities tracking service
The Vigil@nce computer vulnerability tracking service alerts your teams of vulnerabilities or threats impacting your information system.
The Vigil@nce vulnerability database contains several thousand vulnerabilities.
This bulletin is published by the Vigil@nce team, which tracks computer vulnerabilities impacting systems and applications.
Computer vulnerabilities tracking service
|
