Lucene search

[email protected]CVE-2007-2582

HistoryMay 10, 2007 - 12:19 a.m.

CVE-2007-2582

2007-05-1000:19:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2007-2582

buffer overflow

db2 jdbc applet server

ibm db2

security vulnerability

remote code execution

denial of service

nvd

vulnerability

9.4 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.241 Low

EPSS

Percentile

96.6%

JSON

Multiple buffer overflows in the DB2 JDBC Applet Server (DB2JDS) service in IBM DB2 9.x and earlier allow remote attackers to (1) execute arbitrary code via a crafted packet to the DB2JDS service on tcp/6789; and cause a denial of service via (2) an invalid LANG parameter or (2) a long packet that generates a “MemTree overflow.”

CPENameOperatorVersion
ibm:db2ibm db2le9.0

CPE	Name	Operator	Version
ibm:db2	ibm db2	le	9.0

References

osvdb.org/40973

osvdb.org/40975

secunia.com/advisories/25148

www-1.ibm.com/support/search.wss?rs=0&q=IY97750&apar=only

www.securityfocus.com/archive/1/482024/100/0/threaded

www.securityfocus.com/bid/23890

www.securityfocus.com/bid/26010

www.securitytracker.com/id?1018029

www.securitytracker.com/id?1018801

www.vupen.com/english/advisories/2007/1707

www.zerodayinitiative.com/advisories/ZDI-07-056.html

exchange.xforce.ibmcloud.com/vulnerabilities/34184

Social References

9.4 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.241 Low

EPSS

Percentile

96.6%

JSON

Related for CVE-2007-2582

canvas1 prion2 zdi1 cvelist1 ibm3 cve1 nessus1