IBM DB2 Universal Database DB2FMP Command Local Overflow
Local Access Required
Loss of Integrity
A local overflow exists in DB2. The 'db2fmp' command fails to perform proper bounds checking resulting in a buffer overflow. By passing an overly long parameter to the command, a remote attacker can gain root privileges resulting in a loss of integrity.
Currently, there are no known workarounds or upgrades to correct this issue. However, IBM has released a patch to address this vulnerability.