Design/Logic Flaw

IBM DB2 UDB 8 before Fixpak 17 allows remote attackers to cause a denial of service instance crash via a crafted CONNECT/ATTACH data stream that simulates a V7 client connect/attach request. NOTE: this may overlap CVE-2008-3858. NOTE: this issue exists because of an incomplete fix for CVE-2008-39...

Code injection

Unspecified vulnerability in the JDBC Applet Server Service aka db2jds in IBM DB2 UDB 8 before Fixpak 17 allows remote attackers to cause a denial of service service crash via "malicious packets."...

CVE-2008-3960

Unspecified vulnerability in the JDBC Applet Server Service aka db2jds in IBM DB2 UDB 8 before Fixpak 17 allows remote attackers to cause a denial of service service crash via "malicious packets."...

CVE-2008-3960

IBM DB2 UDB 8 is affected by CVE-2008-3960 in the JDBC Applet Server Service (db2jds) prior to Fixpak 17, enabling remote denial of service via malicious packets. The vulnerability is documented as unspecified in the initial description, with the primary remediation being upgrading to Fixpak 17. ...

Design/Logic Flaw

Multiple vulnerabilities in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allow local users to create arbitrary files via 1 unspecified vectors where an attacker's umask is honored, 2 /etc/ld.so.preload, 3 certain "cron data file locations", and other unspecified vectors possibly involvi...

CVE-2007-4272

Multiple vulnerabilities in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allow local users to create arbitrary files via 1 unspecified vectors where an attacker's umask is honored, 2 /etc/ld.so.preload, 3 certain "cron data file locations", and other unspecified vectors possibly involvi...

CVE-2007-4271

Directory traversal vulnerability in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allows local users to create arbitrary files via a .. dot dot in an unspecified environment variable, which is appended to "/tmp/" and used as a log file. NOTE: this issue might be related to symlink...

Design/Logic Flaw

Multiple untrusted search path vulnerabilities in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allow local users to gain privileges via certain vectors related to 1 DB2 instance or FMP startup on Linux and Solaris; 2 exec of executables while running as root on non-Windows systems, as...

CVE-2007-4275

IBM DB2 UDB 8.x (Fixpak 15) and 9.1 (Fixpak 3) have multiple local privilege-escalation vulnerabilities due to untrusted search paths and environment-based file/binary loading. Exploitable vectors include startup of the DB2 instance or FMP on Linux/Solaris, execution of executables while running ...