7.8
CVE-2007-5652
- EPSS 1.79%
- Veröffentlicht 23.10.2007 21:47:00
- Zuletzt bearbeitet 16.06.2026 22:46:34
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
IBM DB2 UDB 9.1 before Fixpak 4 does not properly manage storage of a list containing authentication information, which might allow attackers to cause a denial of service (instance crash) or trigger memory corruption. NOTE: the vendor description of this issue is too vague to be certain that it is security-related.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.79% | 0.755 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 10 | 6.9 |
AV:N/AC:L/Au:N/C:N/I:N/A:C
|
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
http://www-1.ibm.com/support/docview.wss?uid=swg21255607
http://secunia.com/advisories/27177
http://www-1.ibm.com/support/docview.wss?rs=71&uid=swg21283031
http://www.ibm.com/support/docview.wss?uid=swg1LI72519
http://www.securityfocus.com/bid/26450
http://www.vupen.com/english/advisories/2007/3538
http://www.vupen.com/english/advisories/2007/3867