Reported October 24, 2003 by Application Security, Inc.
IBM DB2 Universal Database 7.2 for Windows
A stack-overflow vulnerability in DB2 Universal Database 7.2 for Windows can result in the execution of arbitrary code on the vulnerable server. To exploit this vulnerability, an attacker can issue a carefully crafted Invoke command.
IBM has released Fixpak 10a for DB2 v7.2 to fix this vulnerability.
Discovered by Application Security, Inc.