19 matches found
EUVD-2009-3455
Malware in sbrugna...
CVE-2012-2197
Stack-based buffer overflow in the Java Stored Procedure infrastructure in IBM DB2 9.1 before FP12, 9.5 through FP9, 9.7 through FP6, 9.8 through FP5, and 10.1 allows remote authenticated users to execute arbitrary code by leveraging certain CONNECT and EXECUTE privileges...
Code injection
IBM DB2 9.1 before FP12, 9.5 through FP9, 9.7 through FP6, 9.8 through FP5, and 10.1 allows remote attackers to read arbitrary XML files via the (1) GETWRAPCFGC or (2) GETWRAPCFGC2 stored procedure...
IBM DB2 9.1 < Fix Pack 10 Multiple Vulnerabilities
According to its version, the installation of IBM DB2 9.1 running on the remote host is prior to Fix Pack 10. It is, therefore, affected by one or more of the following issues: - It is possible to execute non-DDL statements even after a user's DBADM authority has been revoked. IC66811 - Multipl...
Stack overflow
Stack-based buffer overflow in the validateUser implementation in the com.ibm.db2.das.core.DasSysCmd function in db2dasrrm in the DB2 Administration Server (DAS) component in IBM DB2 9.1 before FP10, 9.5 before FP6a, and 9.7 before FP3 allows remote attackers to execute arbitrary code via a long...
Buffer overflow
Buffer overflow in the REPEAT function in IBM DB2 9.1 before FP9 allows remote authenticated users to cause a denial of service (trap) via unspecified vectors. NOTE: this might overlap CVE-2010-0462...
IBM DB2 Self Tuning Memory Manager (STMM) DOS Vulnerability (Windows)
The host is installed with IBM DB2 and is prone to a denial of service vulnerability. OpenVAS Vulnerability Test $Id: secpodibmdb2stmmdosvulnwin.nasl 5055 2017-01-20 14:08:39Z teissa $ IBM DB2 Self Tuning Memory Manager (STMM) DOS Vulnerability (Windows) Authors: Antu Sanadi Updated By: Antu Sanadi on...
IBM DB2 Client Interfaces component Unspecified Vulnerabilities (Windows)
The host is installed with IBM DB2 and is prone to unspecified vulnerabilities. OpenVAS Vulnerability Test $Id: secpodibmdb2clntintrfcunspecifiedvulnwin.nasl 5055 2017-01-20 14:08:39Z teissa $ IBM DB2 Client Interfaces component Unspecified Vulnerabilities Windows Authors: Antu Sanadi Copyright:...
IBM DB2 Unspecified Vulnerability (Linux)
The host is installed with IBM DB2 and is prone to an unspecified vulnerability. OpenVAS Vulnerability Test $Id: gbibmdb2unspesifiedvulnlin.nasl 7113 2017-09-13 06:03:30Z cfischer $ IBM DB2 Unspecified Vulnerability (Linux) Authors: Antu Sanadi Copyright: Copyright (c) 2009 Greenbone Networks GmbH,...
IBM DB2 Unspecified Vulnerability (Windows)
The host is installed with IBM DB2 and is prone to an unspecified vulnerability. OpenVAS Vulnerability Test $Id: gbibmdb2unspesifiedvulnwin.nasl 4869 2016-12-29 11:01:45Z teissa $ IBM DB2 Unspecified Vulnerability (Windows) Authors: Antu Sanadi Copyright: Copyright (c) 2009 Greenbone Networks GmbH,...
Authorization
IBM DB2 9.1 before FP8 does not require the SETSESSIONUSER privilege for the SET SESSION AUTHORIZATION statement, which has unspecified impact and remote attack vectors...
IBM DB2 9.1 < 9.1 Fix Pack 8 Multiple Vulnerabilities
Open redirect
IBM DB2 9.1 before FP7 returns incorrect query results in certain situations related to the order of application of an INNER JOIN predicate and an OUTER JOIN predicate, which might allow attackers to obtain sensitive information via a crafted query...
CVE-2008-4691
Unspecified vulnerability in the SQLNLSUNPADDEDCHARLEN function in the New Compiler (aka Starburst derived compiler) component in the server in IBM DB2 9.1 before FP6 allows attackers to cause a denial of service (segmentation violation and trap) via unknown vectors...
Code injection
Unspecified vulnerability in the SQLNLSUNPADDEDCHARLEN function in the New Compiler (aka Starburst derived compiler) component in the server in IBM DB2 9.1 before FP6 allows attackers to cause a denial of service (segmentation violation and trap) via unknown vectors...
Buffer overflow
Buffer overflow in the DAS server program in the Core DAS function component in IBM DB2 9.1 before FP4a and 9.5 before FP1 allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via unspecified vectors. NOTE: this might be related to CVE-2007-3676...
Cross site request forgery (csrf)
The Downlevel DB2RA Support component in IBM DB2 9.1 before Fixpak 4a allows remote attackers to cause a denial of service (instance crash) via a crafted CONNECT data stream that simulates a V7 client connect request...
CVE-2008-3858
The Downlevel DB2RA Support component in IBM DB2 9.1 before Fixpak 4a allows remote attackers to cause a denial of service (instance crash) via a crafted CONNECT data stream that simulates a V7 client connect request...
CVE-2008-3858
The Downlevel DB2RA Support component in IBM DB2 9.1 before Fixpak 4a allows remote attackers to cause a denial of service (instance crash) via a crafted CONNECT data stream that simulates a V7 client connect request...