CVE-2007-1087

{"modified": "2008-11-15T01:43:08", "id": "CVE-2007-1087", "edition": 1, "objectVersion": "1.2", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-1087", "cvelist": ["CVE-2007-1087"], "references": ["http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=481", "http://xforce.iss.net/xforce/xfdb/32651", "http://www.securityfocus.com/bid/22677", "http://www.attrition.org/pipermail/vim/2007-August/001765.html", "http://www-1.ibm.com/support/docview.wss?uid=swg21255747"], "bulletinFamily": "NVD", "cpe": ["cpe:/a:ibm:db2_universal_database:8.0:fp14", "cpe:/a:ibm:db2_universal_database:8.1.4", "cpe:/a:ibm:db2_universal_database:8.1.6c", "cpe:/a:ibm:db2_universal_database:8.10", "cpe:/a:ibm:db2_universal_database:8.0::linux", "cpe:/a:ibm:db2_universal_database:8.1.6", "cpe:/a:ibm:db2_universal_database:8.1.7", "cpe:/a:ibm:db2_universal_database:8.1.9a", "cpe:/a:ibm:db2_universal_database:8.12", "cpe:/a:ibm:db2_universal_database:9.1::hp_ux", "cpe:/a:ibm:db2_universal_database:8.1.8", "cpe:/a:ibm:db2_universal_database:8.1.5", "cpe:/a:ibm:db2_universal_database:8.0:fp13", "cpe:/a:ibm:db2_universal_database:8.1.8a", "cpe:/a:ibm:db2_universal_database:8.1.9", "cpe:/a:ibm:db2_universal_database:8.1::aix", "cpe:/a:ibm:db2_universal_database:8.1.7b"], "title": "CVE-2007-1087", "published": "2007-02-23T17:28:00", "viewCount": 0, "type": "cve", "lastseen": "2016-09-03T08:29:35", "description": "IBM DB2 8.x before 8.1 FixPak 15 and 9.1 before Fix Pack 2 does not properly terminate certain input strings, which allows local users to execute arbitrary code via unspecified environment variables that trigger a heap-based buffer overflow.", "hash": "dd4c419ebb6dc17ab58350a406597cecaec5eebf0b9ba20c4b0874cabbecd5ad", "reporter": "NVD", "scanner": [], "assessment": {"system": "", "name": "", "href": ""}}

{"result": {"nessus": [{"id": "DB2_9FP2.NASL", "type": "nessus", "title": "IBM DB2 < 9 Fix Pack 2 Multiple Vulnerabilities", "description": "According to its version, the installation of IBM DB2 running on the remote host allows unsafe access to several setuid-root binaries. A local attacker can exploit this to crash the affected database server or possibly even gain root-level access. \n\nIn addition, the fenced userid may be able to access directories without proper authorization.", "published": "2007-02-23T00:00:00", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=24699", "cvelist": ["CVE-2007-1087", "CVE-2007-1228", "CVE-2007-1088", "CVE-2007-1086"], "lastseen": "2016-10-11T01:26:19"}]}}