Intrusion Prevention

IBM.DB2.JDBC.Applet.Remote.Code.Execution

Description

This indicates an attempt to exploit one of several buffer overflow vulnerabilities in the IBM DB2 Universal Database.
The vulnerabilities are caused by an error that occurs when the software handles a malicious JDBC type 3 packet. As a result a remote attacker may be able to execute arbitrary code by sending a specially crafted packet.

Affected Products

IBM DB2 9.0 and previous versions.

Impact

System compromise: arbitrary code execution.

Recommended Actions

Apply patch, available from the web site.
http://www-1.ibm.com/support/docview.wss?uid=swg1IY97750

CVE References

CVE-2007-5324 CVE-2007-2582