CVE-2010-3731

N/A Unknown

Published: October 05, 2010 Modified: April 29, 2026

Description

Stack-based buffer overflow in the validateUser implementation in the com.ibm.db2.das.core.DasSysCmd function in db2dasrrm in the DB2 Administration Server (DAS) component in IBM DB2 9.1 before FP10, 9.5 before FP6a, and 9.7 before FP3 allows remote attackers to execute arbitrary code via a long username string.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

ftp://public.dhe.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT

Source: cve@mitre.org

http://secunia.com/advisories/41686

Source: cve@mitre.org

Vendor Advisory

http://www-01.ibm.com/support/docview.wss?uid=swg1IC69986

Source: cve@mitre.org

http://www-01.ibm.com/support/docview.wss?uid=swg1IC70538

Source: cve@mitre.org

http://www-01.ibm.com/support/docview.wss?uid=swg1IC70539

Source: cve@mitre.org

http://www-01.ibm.com/support/docview.wss?uid=swg21426108

Source: cve@mitre.org

http://www.securityfocus.com/bid/46077

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2010/2544

Source: cve@mitre.org

Vendor Advisory

http://www.zerodayinitiative.com/advisories/ZDI-11-035

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14687

Source: cve@mitre.org

ftp://public.dhe.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/41686

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www-01.ibm.com/support/docview.wss?uid=swg1IC69986

Source: af854a3a-2127-422b-91ae-364da2661108

http://www-01.ibm.com/support/docview.wss?uid=swg1IC70538

Source: af854a3a-2127-422b-91ae-364da2661108

http://www-01.ibm.com/support/docview.wss?uid=swg1IC70539

Source: af854a3a-2127-422b-91ae-364da2661108

http://www-01.ibm.com/support/docview.wss?uid=swg21426108

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/46077

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2010/2544

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.zerodayinitiative.com/advisories/ZDI-11-035

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14687

Source: af854a3a-2127-422b-91ae-364da2661108

20 reference(s) from NVD

Quick Stats

CVSS v3 Score

N/A / 10.0

EPSS (Exploit Probability)

9.6%

95th percentile

Exploitation Status

Not in CISA KEV

Weaknesses (CWE)

CWE-119

Affected Vendors

ibm

Related CVEs

CVE-2026-8662 3.3

CVE-2026-8658 6.0

CVE-2026-8666 7.7

CVE-2026-8665 7.7

CVE-2026-8664 6.0