EUVD-2008-3945

Malware in sbrugna...

EUVD-2005-4857

Malware in sbrugna...

Security Bulletin:IBM TRIRIGA Application Platform may be be afftected by known vulnerabilities in db2jcc4.jar (CVE-2007-2582)

Summary IBM TRIRIGA Application may be vulnerable to mutiple buffer overflows in DB2 Vulnerability Details CVEID:CVE-2007-2582 DESCRIPTION: Multiple buffer overflows in the DB2 JDBC Applet Server DB2JDS service in IBM DB2 9.x and earlier allow remote attackers to 1 execute arbitrary code via a...

IBM DB2 JDBC Applet Server远程拒绝服务漏洞

CVE ID：CVE-2009-2971 IBM DB2是一个大型的商业关系数据库系统，面向电子商务、商业资讯、内容管理、客户关系管理等应用，可运行于AIX、HP-UX、Linux、Solaris、Windows等系统。 IBM DB2 JDBC Applet Server服务程序中的jdbcReadString函数存在一个安全漏洞，在转换UNICODE到ANSI字符的时候，没有判断报文中实际的字符串大小，而直接使用报文中的长度域。如果远程攻击者发送特殊构造的JDBC数据，无须认证即可导致JDBC Applet Server退出. IBM DB2 Universal Database...

NSFOCUS SA2009-02 : IBM DB2 JDBC Applet Server Remote DoS Vulnerability

NSFOCUS Security Advisory SA2009-02 IBM DB2 JDBC Applet Server Remote DoS Vulnerability Release Date: 2009-10-16 CVE ID: CVE-2009-2971 http://www.nsfocus.com/en/advisories/0902.html Affected system: ============== IBM DB2 Universal Database v8.1 Fixpak 15 v8.2 Fixpak 8 and lower versions IBM DB2...

Code injection

Unspecified vulnerability in the JDBC Applet Server Service aka db2jds in IBM DB2 UDB 8 before Fixpak 17 allows remote attackers to cause a denial of service service crash via "malicious packets."...

CVE-2008-3960

IBM DB2 UDB 8 is affected by CVE-2008-3960 in the JDBC Applet Server Service (db2jds) prior to Fixpak 17, enabling remote denial of service via malicious packets. The vulnerability is documented as unspecified in the initial description, with the primary remediation being upgrading to Fixpak 17. ...

CVE-2005-4866

Stack-based buffer overflow in JDBC Applet Server in IBM DB2 8.1 allows remote attackers to execute arbitrary by connecting and sending a long username, then disconnecting gracefully and reconnecting and sending a short username and an unexpected db2java.zip version, which causes a null terminato...

Immunity Canvas: DB2_JDBC

Name| db2jdbc ---|--- CVE| CVE-2007-2582 Exploit Pack| CANVAS Description| IBM DB2 JDBC Applet Server Overflow Notes| References: http://www.zerodayinitiative.com/advisories/ZDI-07-056.html CVE Name: CVE-2007-2582 VENDOR: IBM Notes: Repeatability: Date public: 10/10/07 CVE Url:...

CVE-2007-2582

The IBM DB2JDS vulnerability (CVE-2007-2582) in IBM DB2 9.x and earlier allows remote code execution via a crafted packet to the DB2JDS service on TCP port 6789, and also DoS through an invalid LANG parameter or an oversized packet causing a MemTree overflow. IBM TRIRIGA Application Platform is n...

EUVD-2007-2575

Multiple buffer overflows in the DB2 JDBC Applet Server DB2JDS service in IBM DB2 9.x and earlier allow remote attackers to 1 execute arbitrary code via a crafted packet to the DB2JDS service on tcp/6789; and cause a denial of service via 2 an invalid LANG parameter or 2 a long packet that...

CVE-2005-4866

Stack-based buffer overflow in JDBC Applet Server in IBM DB2 8.1 allows remote attackers to execute arbitrary by connecting and sending a long username, then disconnecting gracefully and reconnecting and sending a short username and an unexpected db2java.zip version, which causes a null terminato...

IBM DB2 JDBC Applet Server buffer overflow (#NISR05012005D)

NGSSoftware Insight Security Research Advisory Name: IBM DB2 JDBC Applet Server buffer overflow Systems Affected: DB2 8.1 Severity: High risk from remote Vendor URL: http://www.ibm.com/ Author: David Litchfield david at ngssoftware.com Relates to: http://www.nextgenss.com/advisories/db2-02.txt Da...