Lucene search
K

189 matches found

NVD
NVD
added 2008/02/13 12:0 a.m.26 views

CVE-2007-3676

IBM DB2 Universal Database UDB Administration Server DAS 8 before Fix Pack 16 and 9 before Fix Pack 4 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via modified pointer values in unspecified remote administration requests, which triggers memory...

10CVSS7.6AI score0.0421EPSS
Exploits1References2
Cvelist
Cvelist
added 2008/02/12 11:0 p.m.40 views

CVE-2007-3676

IBM DB2 Universal Database UDB Administration Server DAS 8 before Fix Pack 16 and 9 before Fix Pack 4 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via modified pointer values in unspecified remote administration requests, which triggers memory...

7.5AI score0.0421EPSS
Exploits1References2
CVE
CVE
added 2008/02/12 11:0 p.m.73 views

CVE-2007-5757

The CVE-2007-5757 issue concerns IBM DB2 UDB and specifically the db2pd component. A untrusted search path allows a local user to gain root privileges by manipulating the DB2INSTANCE environment variable to point to a malicious library. Affected versions are IBM DB2 UDB 8 before FixPak 16 and 9 b...

6.9CVSS6.1AI score0.00329EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2008/02/12 11:0 p.m.78 views

CVE-2007-3676

CVE-2007-3676 concerns IBM DB2 UDB DAS prior to Fix Pack 16 (DAS 8.x) and Fix Pack 4 (DAS 9.x). The vulnerability allows a remote attacker to crash the DAS service or potentially execute arbitrary code by sending specially crafted remote administration requests that modify pointer values, trigger...

10CVSS9.7AI score0.0421EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2008/02/12 1:0 a.m.26 views

Design/Logic Flaw

Unspecified vulnerability in DB2PD in IBM DB2 UDB before 8.2 Fixpak 16 allows local users to gain root privileges via unspecified vectors...

7.2CVSS6.5AI score0.00304EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2008/02/12 1:0 a.m.25 views

CVE-2008-0699

Unspecified vulnerability in the ADMINSPC procedure SYSPROC.ADMINSPC in IBM DB2 UDB before 8.2 Fixpak 16, 9.1 before FP4a, and 9.5 before FP1 allows remote authenticated users to execute arbitrary code via unspecified attack vectors...

9CVSS7AI score0.05199EPSS
Exploits0References11
Prion
Prion
added 2008/02/12 1:0 a.m.16 views

Authorization

IBM DB2 UDB before 8.2 Fixpak 16 does not properly check authorization for the ALTER TABLE statement, which has unknown impact and attack vectors...

7.5CVSS7AI score0.01164EPSS
Exploits0References4Affected Software1
Prion
Prion
added 2008/02/12 1:0 a.m.22 views

Code injection

Unspecified vulnerability in the ADMINSPC procedure SYSPROC.ADMINSPC in IBM DB2 UDB before 8.2 Fixpak 16, 9.1 before FP4a, and 9.5 before FP1 allows remote authenticated users to execute arbitrary code via unspecified attack vectors...

9CVSS7.3AI score0.05199EPSS
Exploits0References11Affected Software1
NVD
NVD
added 2008/02/12 1:0 a.m.19 views

CVE-2008-0696

IBM DB2 UDB before 8.2 Fixpak 16 does not properly check authorization for the ALTER TABLE statement, which has unknown impact and attack vectors...

7.5CVSS6.4AI score0.01164EPSS
Exploits0References4
Prion
Prion
added 2008/02/12 1:0 a.m.30 views

Buffer overflow

Buffer overflow in the DAS server in IBM DB2 UDB before 8.2 Fixpak 16 has unknown attack vectors, and an impact probably involving "invalid memory access."...

7.8CVSS6.9AI score0.01516EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2008/02/12 12:0 a.m.29 views

CVE-2008-0699

Unspecified vulnerability in the ADMINSPC procedure SYSPROC.ADMINSPC in IBM DB2 UDB before 8.2 Fixpak 16, 9.1 before FP4a, and 9.5 before FP1 allows remote authenticated users to execute arbitrary code via unspecified attack vectors...

7AI score0.05199EPSS
Exploits0References11
Cvelist
Cvelist
added 2008/02/12 12:0 a.m.34 views

CVE-2008-0697

Unspecified vulnerability in DB2PD in IBM DB2 UDB before 8.2 Fixpak 16 allows local users to gain root privileges via unspecified vectors...

6.2AI score0.00304EPSS
Exploits0References4
CVE
CVE
added 2008/02/12 12:0 a.m.53 views

CVE-2008-0699

The CVE-2008-0699 entry relates to an unspecified remote code execution vulnerability in IBM DB2 UDB via the ADMIN_SP_C procedure (SYSPROC.ADMIN_SP_C). Affected products/versions include IBM DB2 UDB before 8.2 Fixpak 16, 9.1 before FP4a, and 9.5 before FP1. The underlying issue is within the ADMI...

9CVSS7AI score0.05199EPSS
Exploits0References11Affected Software1
CVE
CVE
added 2008/02/12 12:0 a.m.43 views

CVE-2008-0696

CVE-2008-0696 affects IBM DB2 UDB prior to 8.2 Fixpak 16, where the ALTER TABLE statement does not properly enforce authorization. The provided sources describe the issue but do not specify concrete impact, attack vectors, or affected subcomponents beyond the ALTER TABLE authorization check. No e...

7.5CVSS6.4AI score0.01164EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2008/02/12 12:0 a.m.69 views

CVE-2008-0698

CVE-2008-0698 : IBM DB2 UDB DAS server has a buffer overflow in the DAS component prior to 8.2 Fixpak 16. This memory corruption likely stems from modified pointer values in remote administration requests and may enable denial of service or arbitrary code execution, per related Red Hat and NVD en...

7.8CVSS6.6AI score0.01516EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2007/11/20 8:46 p.m.23 views

CVE-2007-6051

IBM DB2 UDB 9.1 before Fixpak 4 assigns incorrect privileges to the 1 DB2ADMNS and 2 DB2USERS alternative groups, which has unknown impact. NOTE: the vendor description of this issue is too vague to be certain that it is security-related...

10CVSS6.3AI score0.01541EPSS
Exploits0References5
NVD
NVD
added 2007/11/20 8:46 p.m.18 views

CVE-2007-6048

IBM DB2 UDB 9.1 before Fixpak 4 uses incorrect permissions on ACLs for DB2NODES.CFG, which has unknown impact and attack vectors. NOTE: the vendor description of this issue is too vague to be certain that it is security-related...

10CVSS6.3AI score0.01769EPSS
Exploits0References6
Prion
Prion
added 2007/11/20 8:46 p.m.15 views

Directory traversal

Unspecified vulnerability in DB2LICD in IBM DB2 UDB 9.1 before Fixpak 4 has unknown impact and attack vectors, related to creation of an "insecure directory."...

7.2CVSS6.6AI score0.0032EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2007/11/20 8:46 p.m.23 views

CVE-2007-6047

Unspecified vulnerability in the DB2DART tool in IBM DB2 UDB 9.1 before Fixpak 4 allows attackers to execute arbitrary commands as the DB2 instance owner, related to invocation of TPUT by DB2DART...

10CVSS7.2AI score0.02001EPSS
Exploits0References5
NVD
NVD
added 2007/11/20 8:46 p.m.20 views

CVE-2007-6053

IBM DB2 UDB 9.1 before Fixpak 4 does not properly handle use of large numbers of file descriptors, which might allow attackers to have an unknown impact involving "memory corruption." NOTE: the vendor description of this issue is too vague to be certain that it is security-related...

9.3CVSS6.3AI score0.01272EPSS
Exploits0References4
Rows per page
Query Builder