nessus | Tenable | 9199.PRM
History: Apr 15, 2016 - 12:00 a.m.

IBM DB2 10.1 < Fix Pack 5 / 10.5 < Fix Pack 6 Multiple Vulnerabilities

2016-04-15 00:00:00
Tenable
www.tenable.com
10

Versions of IBM DB2 10.1 earlier than Fix Pack 5 or 10.5 earlier than Fix Pack 6 are potentially affected by multiple issues:

  • A flaw exists that is triggered during the handling of SELECT statements with an XML/XSLT function. This may allow an attacker to gain access to arbitrary files. (CVE-2014-8910)
  • A flaw exists that is triggered during the handling of SQL statements with unspecified Scalar Functions. This may allow an authenticated remote attacker to cause a denial of service. (CVE-2015-0157)
  • A flaw exists in the automated maintenance feature. The issue occurs when an authenticated DB2 user with elevated privileges manipulates an automated maintenance policy stored procedure, which can result in disclosing arbitrary files owned by the DB2 fenced ID on UNIX/Linux or administrator on Windows. (CVE-2015-1883)
  • A flaw exists in the Data Movement feature that is triggered when handling a specially crafted query. This may allow an authenticated remote attacker to delete rows from a table without appropriate privileges. (CVE-2015-1922)
  • A flaw exists that is triggered during the handling of SQL statements with LUW Scalar Functions. This may allow an authenticated remote attacker to run arbitrary code under the privileges of the DB2 instance owner, or cause a denial of service. (CVE-2015-1935)
Binary data 9199.prm
Vendor | Product | Version | CPE
ibm | db2 | | cpe:/a:ibm:db2
