Ibm

Db2

292 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5

CVE-2010-3474

  • EPSS 0.54%
  • Veröffentlicht 20.09.2010 22:00:04
  • Zuletzt bearbeitet 11.04.2025 00:51:21

IBM DB2 9.7 before FP3 does not perform the expected drops or invalidations of dependent functions upon a loss of privileges by the functions' owners, which allows remote authenticated users to bypass intended access restrictions via calls to these f...

4

CVE-2010-3475

  • EPSS 1.05%
  • Veröffentlicht 20.09.2010 22:00:04
  • Zuletzt bearbeitet 11.04.2025 00:51:21

IBM DB2 9.7 before FP3 does not properly enforce privilege requirements for execution of entries in the dynamic SQL cache, which allows remote authenticated users to bypass intended access restrictions by leveraging the cache to execute an UPDATE sta...

10

CVE-2010-3193

  • EPSS 2.67%
  • Veröffentlicht 31.08.2010 22:00:02
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Unspecified vulnerability in the DB2STST program in IBM DB2 9.1 before FP9, 9.5 before FP6, and 9.7 before FP2 has unknown impact and attack vectors.

7.5

CVE-2010-3194

  • EPSS 0.94%
  • Veröffentlicht 31.08.2010 22:00:02
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The DB2DART program in IBM DB2 9.1 before FP9, 9.5 before FP6, and 9.7 before FP2 allows attackers to bypass intended file access restrictions via unspecified vectors related to overwriting files owned by an instance owner.

5

CVE-2010-3195

  • EPSS 1.04%
  • Veröffentlicht 31.08.2010 22:00:02
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Unspecified vulnerability in IBM DB2 9.1 before FP9, 9.5 before FP6, and 9.7 before FP2 on Windows Server 2008 allows attackers to cause a denial of service (trap) via vectors involving "special group and user enumeration."

3.5

CVE-2010-3196

  • EPSS 0.38%
  • Veröffentlicht 31.08.2010 22:00:02
  • Zuletzt bearbeitet 11.04.2025 00:51:21

IBM DB2 9.7 before FP2, when AUTO_REVAL is IMMEDIATE, allows remote authenticated users to cause a denial of service (loss of privileges) to a view owner by defining a dependent view.

5

CVE-2010-3197

  • EPSS 0.28%
  • Veröffentlicht 31.08.2010 22:00:02
  • Zuletzt bearbeitet 11.04.2025 00:51:21

IBM DB2 9.7 before FP2 does not perform the expected access control on the monitor administrative views in the SYSIBMADM schema, which allows remote attackers to obtain sensitive information via unspecified vectors.

4

CVE-2010-1560

  • EPSS 1.1%
  • Veröffentlicht 27.04.2010 15:30:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Buffer overflow in the REPEAT function in IBM DB2 9.1 before FP9 allows remote authenticated users to cause a denial of service (trap) via unspecified vectors. NOTE: this might overlap CVE-2010-0462.

5

CVE-2010-0472

Exploit
  • EPSS 1.11%
  • Veröffentlicht 02.02.2010 18:30:00
  • Zuletzt bearbeitet 11.04.2025 00:51:21

kuddb2 in Tivoli Monitoring for DB2, as distributed in IBM DB2 9.7 FP1 on Linux, allows remote attackers to cause a denial of service (daemon crash) via a certain byte sequence.

6.5

CVE-2010-0462

Exploit
  • EPSS 13.6%
  • Veröffentlicht 28.01.2010 20:30:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Heap-based buffer overflow in IBM DB2 9.1 before FP9, 9.5 before FP6, and 9.7 before FP2 allows remote authenticated users to have an unspecified impact via a SELECT statement that has a long column name generated with the REPEAT function.