CVE-2007-1087

IBM DB2 8.x before 8.1 FixPak 15 and 9.1 before Fix Pack 2 does not properly terminate certain input strings, which allows local users to execute arbitrary code via unspecified environment variables that trigger a heap-based buffer overflow.

Date published : 2007-02-23

http://www-1.ibm.com/support/docview.wss?uid=swg21255747

http://www.securityfocus.com/bid/22677