Lucene search

[email protected]CVE-2007-1088

HistoryFeb 23, 2007 - 10:28 p.m.

CVE-2007-1088

2007-02-2322:28:00

CWE-119

[email protected]

web.nvd.nist.gov

ibm db2

buffer overflow

cve-2007-1088

security vulnerability

nvd

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

7.5 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Stack-based buffer overflow in IBM DB2 8.x before 8.1 FixPak 15 and 9.1 before Fix Pack 2 allows local users to execute arbitrary code via a long string in unspecified environment variables.

Affected configurations

NVD

Node

ibmdb2Match8.0

ibmdb2Match8.0fp13

ibmdb2Match8.0fp14

ibmdb2Match8.0fp8

ibmdb2Match8.0fp9

ibmdb2Match8.1

ibmdb2Match8.1fp13

ibmdb2Match8.1fp14

ibmdb2Match8.1.4

ibmdb2Match8.1.5

ibmdb2Match8.1.6

ibmdb2Match8.1.6c

ibmdb2Match8.1.7

ibmdb2Match8.1.7b

ibmdb2Match8.1.8

ibmdb2Match8.1.8a

ibmdb2Match8.1.9

ibmdb2Match8.1.9a

ibmdb2Match9.1

ibmdb2Match9.1fp1

CPENameOperatorVersion
ibm:db2ibm db2eq8.0
ibm:db2ibm db2eq8.1
ibm:db2ibm db2eq8.1.4
ibm:db2ibm db2eq8.1.5
ibm:db2ibm db2eq8.1.6
ibm:db2ibm db2eq8.1.6c
ibm:db2ibm db2eq8.1.7
ibm:db2ibm db2eq8.1.7b
ibm:db2ibm db2eq8.1.8
ibm:db2ibm db2eq8.1.8a

CPE	Name	Operator	Version
ibm:db2	ibm db2	eq	8.0
ibm:db2	ibm db2	eq	8.1
ibm:db2	ibm db2	eq	8.1.4
ibm:db2	ibm db2	eq	8.1.5
ibm:db2	ibm db2	eq	8.1.6
ibm:db2	ibm db2	eq	8.1.6c
ibm:db2	ibm db2	eq	8.1.7
ibm:db2	ibm db2	eq	8.1.7b
ibm:db2	ibm db2	eq	8.1.8
ibm:db2	ibm db2	eq	8.1.8a

Rows per page:

1-10 of 131

References

labs.idefense.com/intelligence/vulnerabilities/display.php?id=481

osvdb.org/40971

www-1.ibm.com/support/docview.wss?uid=swg21255747

www.attrition.org/pipermail/vim/2007-August/001765.html

www.securityfocus.com/bid/22677

exchange.xforce.ibmcloud.com/vulnerabilities/32652

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

7.5 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2007-1088

nvd1 prion1 cvelist1 nessus1 securityvulns1