Db2@9.8.0.4 Security Vulnerabilities and Issues — Db2@9.8.0.4 CVE List

Lucene search

IbmDb29.8.0.4

4 matches found

CVE•added 2012/06/20 10:27 a.m.•310 views

CVE-2012-2180

The chaining functionality in the Distributed Relational Database Architecture (DRDA) module in IBM DB2 9.7 before FP6 and 9.8 before FP5 allows remote attackers to cause a denial of service (NULL pointer dereference, and resource consumption or daemon crash) via a crafted request.

4.3CVSS6.6AI score0.01001EPSS

CVE•added 2012/07/25 10:42 a.m.•305 views

CVE-2012-2197

Stack-based buffer overflow in the Java Stored Procedure infrastructure in IBM DB2 9.1 before FP12, 9.5 through FP9, 9.7 through FP6, 9.8 through FP5, and 10.1 allows remote authenticated users to execute arbitrary code by leveraging certain CONNECT and EXECUTE privileges.

7.1CVSS7.5AI score0.12867EPSS

CVE•added 2012/07/25 10:42 a.m.•303 views

CVE-2012-2196

IBM DB2 9.1 before FP12, 9.5 through FP9, 9.7 through FP6, 9.8 through FP5, and 10.1 allows remote attackers to read arbitrary XML files via the (1) GET_WRAP_CFG_C or (2) GET_WRAP_CFG_C2 stored procedure.

5CVSS6.5AI score0.00619EPSS

CVE•added 2012/07/25 10:42 a.m.•299 views

CVE-2012-2194

Directory traversal vulnerability in the SQLJ.DB2_INSTALL_JAR stored procedure in IBM DB2 9.1 before FP12, 9.5 through FP9, 9.7 through FP6, 9.8 through FP5, and 10.1 allows remote attackers to replace JAR files via unspecified vectors.

5CVSS6.4AI score0.00651EPSS