11 matches found
CVE-2010-3736
Memory leak in the Relational Data Services component in IBM DB2 UDB 9.5 before FP6a, when the connection concentrator is enabled, allows remote authenticated users to cause a denial of service heap memory consumption by using a different code page than the database server...
CVE-2010-3740
The Net Search Extender NSE implementation in the Text Search component in IBM DB2 UDB 9.5 before FP6a does not properly handle an alphanumeric Fuzzy search, which allows remote authenticated users to cause a denial of service memory consumption and system hang via the db2ext.textSearch function...
CVE-2010-3739
The audit facility in the Security component in IBM DB2 UDB 9.5 before FP6a uses instance-level audit settings to capture connection aka CONNECT and AUTHENTICATION events in certain circumstances in which database-level audit settings were intended, which might make it easier for remote attackers...
CVE-2010-3735
The "Query Compiler, Rewrite, Optimizer" component in IBM DB2 UDB 9.5 before FP6a allows remote authenticated users to cause a denial of service CPU consumption via a crafted query involving certain UNION ALL views, leading to an indefinitely large amount of compilation time...
CVE-2010-3737
Memory leak in the Relational Data Services component in IBM DB2 UDB 9.5 before FP6a allows remote authenticated users to cause a denial of service heap memory consumption by executing a 1 user-defined function UDF or 2 stored procedure while using a different code page than the database server...
Memory corruption
Memory leak in the Relational Data Services component in IBM DB2 UDB 9.5 before FP6a allows remote authenticated users to cause a denial of service heap memory consumption by executing a 1 user-defined function UDF or 2 stored procedure while using a different code page than the database server...
Code injection
The Net Search Extender NSE implementation in the Text Search component in IBM DB2 UDB 9.5 before FP6a does not properly handle an alphanumeric Fuzzy search, which allows remote authenticated users to cause a denial of service memory consumption and system hang via the db2ext.textSearch function...
CVE-2010-3739
The audit facility in the Security component in IBM DB2 UDB 9.5 before FP6a uses instance-level audit settings to capture connection aka CONNECT and AUTHENTICATION events in certain circumstances in which database-level audit settings were intended, which might make it easier for remote attackers...
CVE-2010-3737
Memory leak in the Relational Data Services component in IBM DB2 UDB 9.5 before FP6a allows remote authenticated users to cause a denial of service heap memory consumption by executing a 1 user-defined function UDF or 2 stored procedure while using a different code page than the database server...
CVE-2010-3733
The Engine Utilities component in IBM DB2 UDB 9.5 before FP6a uses world-writable permissions for the sqllib/cfg/db2sprf file, which might allow local users to gain privileges by modifying this file...
CVE-2010-3736
CVE-2010-3736 affects IBM DB2 UDB 9.5 before FP6a. The vulnerability is a memory leak in the Relational Data Services component when the connection concentrator is enabled, allowing remote authenticated users to cause a denial of service via heap memory consumption by using a different code page ...