Vulnerabilities > CVE-2003-1051 - Command-line Format String vulnerability in IBM DB2 9.0

047910
CVSS 7.2 - HIGH
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
local
low complexity
ibm
exploit available

Summary

Multiple format string vulnerabilities in IBM DB2 Universal Database 8.1 may allow local users to execute arbitrary code via certain command line arguments to (1) db2start, (2) db2stop, or (3) db2govd.

Vulnerable Configurations

Part Description Count
Application
Ibm
1

Exploit-Db

  • descriptionIBM DB2 db2start Format String Arbitrary Code Execution. CVE-2003-1051. Local exploit for linux platform
    idEDB-ID:23344
    last seen2016-02-02
    modified2003-11-07
    published2003-11-07
    reporterSNOSoft
    sourcehttps://www.exploit-db.com/download/23344/
    titleIBM DB2 db2start Format String Arbitrary Code Execution
  • descriptionIBM DB2 db2govd Format String Arbitrary Code Execution. CVE-2003-1051. Local exploit for linux platform
    idEDB-ID:23346
    last seen2016-02-02
    modified2003-11-07
    published2003-11-07
    reporterSNOSoft
    sourcehttps://www.exploit-db.com/download/23346/
    titleIBM DB2 db2govd Format String Arbitrary Code Execution
  • descriptionIBM DB2 db2stop Format String Arbitrary Code Execution. CVE-2003-1051. Local exploit for linux platform
    idEDB-ID:23345
    last seen2016-02-02
    modified2003-11-07
    published2003-11-07
    reporterSNOSoft
    sourcehttps://www.exploit-db.com/download/23345/
    titleIBM DB2 db2stop Format String Arbitrary Code Execution