Lucene search
+L

189 matches found

CVE
CVE
added 2010/10/05 5:0 p.m.70 views

CVE-2010-3735

CVE-2010-3735 affects IBM DB2 UDB 9.5 before FP6a. The vulnerability lies in the Query Compiler, Rewrite, Optimizer component, where remote authenticated users can cause a denial of service by sending a crafted query involving certain UNION ALL views, resulting in an indefinitely large amount of ...

2.1CVSS6.1AI score0.00953EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2010/10/05 5:0 p.m.69 views

CVE-2010-3738

IBM DB2 UDB 9.5 prior to FP6a is affected by an audit-logging issue in the Security component, which uses the instance owner’s USERID/AUTHID instead of the logged-in user’s, enabling remote authenticated users to run Audit administration commands without discovery. This is documented in CVE-2010-...

5CVSS6.7AI score0.01196EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2010/10/05 5:0 p.m.64 views

CVE-2010-3733

The CVE-2010-3733 entry concerns IBM DB2 UDB 9.5 before FP6a. The Engine Utilities component uses world-writable permissions on sqllib/cfg/db2sprf, enabling local users to modify the file to gain privileges. Public references in the initial documents confirm this file-level permission issue; othe...

7.2CVSS6.5AI score0.00307EPSS
Exploits0References3Affected Software1
Check Point Advisories
Check Point Advisories
added 2009/12/17 12:0 a.m.25 views

IBM DB2 Universal Database Connection Handshake Denial of Service (CVE-2006-4257)

The IBM DB2 Universal Database UDB is a relational database management system. The product supports the Distributed Relational Database Architecture DRDA, an Open Group standard, to meet the needs of application programs requiring access to distributed relational data. There exists a denial of...

4CVSS6AI score0.0212EPSS
Exploits0
securityvulns
securityvulns
added 2008/09/22 12:0 a.m.103 views

Team SHATTER Security Advisory: IBM DB2 UDB - Buffer overrun in XMLQUERY and XMLEXISTS

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Team SHATTER Security Advisory Buffer overrun in XMLQUERY and XMLEXISTS September 15th 2008 Risk Level: High Affected versions: IBM DB2 Database Server v9.1 and 9.5 on Windows platform. Remote exploitable: Yes Authentication to Database Server is need...

7.8CVSS0.2AI score0.03684EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2008/09/16 12:0 a.m.11 views

DB2 < 8 FixPak 17 Multiple Vulnerabilities (deprecated)

Binary data 4680.prm...

10CVSS7.3AI score0.03672EPSS
Exploits1References15
Tenable Nessus
Tenable Nessus
added 2008/09/12 12:0 a.m.52 views

IBM DB2 8 < Fix Pack 17 Multiple Vulnerabilities

According to its version, the installation of IBM DB2 8 running on the remote host is affected by multiple issues : - By sending malicious DB2 UDB v7 client CONNECT/DETACH requests it may be possible to crash the remote DB2 server. IZ08134 - Failure to switch the owner of the 'DB2FMP' process may...

10CVSS8.1AI score0.03672EPSS
Exploits1References14
NVD
NVD
added 2008/09/11 1:13 a.m.29 views

CVE-2008-3959

IBM DB2 UDB 8.1 before FixPak 16, 8.2 before FixPak 9, and 9.1 before FixPak 4a allows remote attackers to cause a denial of service instance crash via a crafted SQLJRA packet within a CONNECT/ATTACH data stream that simulates a V7 client connect/attach request...

5CVSS6.2AI score0.02194EPSS
Exploits0References4
NVD
NVD
added 2008/09/11 1:13 a.m.23 views

CVE-2008-3960

Unspecified vulnerability in the JDBC Applet Server Service aka db2jds in IBM DB2 UDB 8 before Fixpak 17 allows remote attackers to cause a denial of service service crash via "malicious packets."...

5CVSS6.3AI score0.01747EPSS
Exploits0References8
Prion
Prion
added 2008/09/11 1:13 a.m.24 views

Cross site request forgery (csrf)

IBM DB2 UDB 8.1 before FixPak 16, 8.2 before FixPak 9, and 9.1 before FixPak 4a allows remote attackers to cause a denial of service instance crash via a crafted SQLJRA packet within a CONNECT/ATTACH data stream that simulates a V7 client connect/attach request...

5CVSS6.6AI score0.02194EPSS
Exploits0References4Affected Software1
Prion
Prion
added 2008/09/11 1:13 a.m.27 views

Code injection

Unspecified vulnerability in the JDBC Applet Server Service aka db2jds in IBM DB2 UDB 8 before Fixpak 17 allows remote attackers to cause a denial of service service crash via "malicious packets."...

5CVSS6.9AI score0.01747EPSS
Exploits0References8Affected Software1
Prion
Prion
added 2008/09/11 1:13 a.m.30 views

Design/Logic Flaw

IBM DB2 UDB 8 before Fixpak 17 allows remote attackers to cause a denial of service instance crash via a crafted CONNECT/ATTACH data stream that simulates a V7 client connect/attach request. NOTE: this may overlap CVE-2008-3858. NOTE: this issue exists because of an incomplete fix for CVE-2008-39...

7.5CVSS6.6AI score0.02194EPSS
Exploits0References6Affected Software1
CVE
CVE
added 2008/09/09 2:0 p.m.53 views

CVE-2008-3960

IBM DB2 UDB 8 is affected by CVE-2008-3960 in the JDBC Applet Server Service (db2jds) prior to Fixpak 17, enabling remote denial of service via malicious packets. The vulnerability is documented as unspecified in the initial description, with the primary remediation being upgrading to Fixpak 17. ...

5CVSS6.2AI score0.01747EPSS
Exploits0References8Affected Software1
Cvelist
Cvelist
added 2008/09/09 2:0 p.m.30 views

CVE-2008-3960

Unspecified vulnerability in the JDBC Applet Server Service aka db2jds in IBM DB2 UDB 8 before Fixpak 17 allows remote attackers to cause a denial of service service crash via "malicious packets."...

6.3AI score0.01747EPSS
Exploits0References8
Cvelist
Cvelist
added 2008/09/09 2:0 p.m.29 views

CVE-2008-3959

IBM DB2 UDB 8.1 before FixPak 16, 8.2 before FixPak 9, and 9.1 before FixPak 4a allows remote attackers to cause a denial of service instance crash via a crafted SQLJRA packet within a CONNECT/ATTACH data stream that simulates a V7 client connect/attach request...

6.2AI score0.02194EPSS
Exploits0References4
CVE
CVE
added 2008/09/09 2:0 p.m.58 views

CVE-2008-3959

CVE-2008-3959 affects IBM DB2 UDB. The vulnerability allows remote attackers to cause a denial of service (instance crash) by sending a crafted SQLJRA packet within a CONNECT/ATTACH data stream that simulates a V7 client connect/attach request. Affected versions include DB2 UDB 8.1 before FixPak ...

5CVSS8.9AI score0.02194EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2008/09/09 2:0 p.m.65 views

CVE-2008-3958

CVE-2008-3958 affects IBM DB2 UDB 8 before Fixpak 17, where a remote attacker can crash the instance by sending a crafted CONNECT/ATTACH stream that mimics a V7 client connect/attach request. The note indicates overlap with CVE-2008-3858 and an incomplete fix related to CVE-2008-3959. The provide...

7.5CVSS9AI score0.01609EPSS
Exploits0References6Affected Software1
securityvulns
securityvulns
added 2008/04/20 12:0 a.m.45 views

Team SHATTER Security Advisory: IBM DB2 UDB Arbitrary code execution in ADMIN_SP_C/ADMIN_SP_C2 procedures

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Team SHATTER Security Advisory IBM DB2 UDB Arbitrary code execution in ADMINSPC/ADMINSPC2 procedures April 17th 2008 Risk Level: High Affected versions: All versions of IBM DB2 Database Server. Remotely exploitable: Yes Authentication to Database Serv...

0.2AI score
Exploits0
securityvulns
securityvulns
added 2008/04/20 12:0 a.m.41 views

Team SHATTER Security Advisory: IBM DB2 UDB Arbitrary file overwrite in SYSPROC.NNSTAT procedure

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Team SHATTER Security Advisory IBM DB2 UDB Arbitrary file overwrite in SYSPROC.NNSTAT procedure April 17th 2008 Risk Level: High Affected versions: All versions of IBM DB2 Database Server. Remotely exploitable: Yes Authentication to Database Server is...

6.8AI score
Exploits0
NVD
NVD
added 2008/02/13 12:0 a.m.37 views

CVE-2007-5757

Untrusted search path vulnerability in db2pd in IBM DB2 Universal Database UDB 8 before FixPak 16 and 9 before Fix Pack 4 allows local users to gain root privileges via a modified DB2INSTANCE environment variable that points to a malicious library. NOTE: this might be the same issue as...

6.9CVSS6.1AI score0.00329EPSS
Exploits1References4
Rows per page
Query Builder