189 matches found
Directory traversal
Unspecified vulnerability in DB2LICD in IBM DB2 UDB 9.1 before Fixpak 4 has unknown impact and attack vectors, related to creation of an "insecure directory."...
CVE-2007-6052
IBM DB2 UDB 9.1 before Fixpak 4 does not properly perform vector aggregation, which might allow attackers to cause a denial of service divide-by-zero error and DBMS crash, related to an "overflow." NOTE: the vendor description of this issue is too vague to be certain that it is security-related...
CVE-2007-6053
IBM DB2 UDB 9.1 before Fixpak 4 does not properly handle use of large numbers of file descriptors, which might allow attackers to have an unknown impact involving "memory corruption." NOTE: the vendor description of this issue is too vague to be certain that it is security-related...
Code injection
Unspecified vulnerability in the SSL LOAD GSKIT action in IBM DB2 UDB 9.1 before Fixpak 4 has unknown impact and attack vectors, involving a call to dlopen when the effective uid is root...
Memory corruption
IBM DB2 UDB 9.1 before Fixpak 4 does not properly handle use of large numbers of file descriptors, which might allow attackers to have an unknown impact involving "memory corruption." NOTE: the vendor description of this issue is too vague to be certain that it is security-related...
Buffer overflow
IBM DB2 UDB 9.1 before Fixpak 4 does not properly perform vector aggregation, which might allow attackers to cause a denial of service divide-by-zero error and DBMS crash, related to an "overflow." NOTE: the vendor description of this issue is too vague to be certain that it is security-related...
CVE-2007-6050
Unspecified vulnerability in DB2LICD in IBM DB2 UDB 9.1 before Fixpak 4 has unknown impact and attack vectors, related to creation of an "insecure directory."...
CVE-2007-6047
Unspecified vulnerability in the DB2DART tool in IBM DB2 UDB 9.1 before Fixpak 4 allows attackers to execute arbitrary commands as the DB2 instance owner, related to invocation of TPUT by DB2DART...
CVE-2007-6051
IBM DB2 UDB 9.1 before Fixpak 4 assigns incorrect privileges to the 1 DB2ADMNS and 2 DB2USERS alternative groups, which has unknown impact. NOTE: the vendor description of this issue is too vague to be certain that it is security-related...
CVE-2007-6052
CVE-2007-6052 affects IBM DB2 UDB 9.1 before Fixpak 4. The issue is in vector aggregation, which may allow a remote attacker to cause a denial of service via a divide-by-zero error/crash in the DBMS. The vendor description is noted as vague regarding its security relevance, but multiple connected...
CVE-2007-6046
CVE-2007-6046 concerns IBM DB2 UDB 9.1 before Fixpak 4, with an unspecified vulnerability in unspecified setuid programs. The issue allows local users to impact the system in an unspecified manner. Documented details indicate the vulnerability is local-exploit, with no explicit vector, scope, or ...
CVE-2007-6050
CVE-2007-6050 affects IBM DB2 UDB 9.1 prior to Fixpak 4, specifically the DB2LICD component. The vulnerability is described as unspecified and related to the creation of an ‘insecure directory’ . The NVD metrics indicate a local attack vector with potential complete confidentiality, integrity, an...
CVE-2007-6048
CVE-2007-6048 : IBM DB2 UDB 9.1 before Fixpak 4 allegedly uses incorrect permissions on ACLs for DB2NODES.CFG. The NVD entry notes unknown impact and attack vectors; connected sources also reference this ACL issue among several vulnerabilities in DB2 9.x before Fix Pack 4. No explicit exploitatio...
CVE-2007-6051
CVE-2007-6051 concerns IBM DB2 UDB 9.1 before Fixpak 4, where privileges are assigned to the DB2ADMNS and DB2USERS groups in an incorrect way. The sources confirm the affected product and version but state the impact is unknown and that vendor descriptions are too vague to determine if it is secu...
CVE-2007-6053
CVE-2007-6053 affects IBM DB2 UDB 9.1 before Fixpak 4, where handling of a large number of file descriptors is not robust, potentially leading to memory corruption. The vendor description is vague, and the available documents do not provide a confirmed security impact, exploit details, or a state...
CVE-2007-6049
IBM DB2 UDB 9.1 before Fixpak 4 is affected by an unspecified vulnerability in the SSL LOAD GSKIT action that involves a call to dlopen when the effective UID is root. The issue is reported in CVE-2007-6049; the impact details are not fully disclosed in the provided documents beyond the initial d...
CVE-2007-6045
CVE-2007-6045 affects IBM DB2 UDB 9.1 before Fixpak 4, specifically the DB2WATCH and DB2FREEZE components. The description states an unspecified vulnerability with unknown impact and attack vectors; no explicit exploitation details, affected versions beyond the mentioned FixPak, or remediation ar...
CVE-2007-6045
Unspecified vulnerability in 1 DB2WATCH and 2 DB2FREEZE in IBM DB2 UDB 9.1 before Fixpak 4 has unknown impact and attack vectors...
CVE-2007-6049
Unspecified vulnerability in the SSL LOAD GSKIT action in IBM DB2 UDB 9.1 before Fixpak 4 has unknown impact and attack vectors, involving a call to dlopen when the effective uid is root...
CVE-2007-6050
Unspecified vulnerability in DB2LICD in IBM DB2 UDB 9.1 before Fixpak 4 has unknown impact and attack vectors, related to creation of an "insecure directory."...