Ibm

Db2

292 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5

CVE-2008-3959

  • EPSS 0.89%
  • Published 11.09.2008 01:13:47
  • Last modified 09.04.2025 00:30:58

IBM DB2 UDB 8.1 before FixPak 16, 8.2 before FixPak 9, and 9.1 before FixPak 4a allows remote attackers to cause a denial of service (instance crash) via a crafted SQLJRA packet within a CONNECT/ATTACH data stream that simulates a V7 client connect/a...

9

CVE-2008-1997

  • EPSS 2.88%
  • Published 28.04.2008 20:05:00
  • Last modified 09.04.2025 00:30:58

Unspecified vulnerability in the ADMIN_SP_C2 procedure in IBM DB2 8 before FP16, 9.1 before FP4a, and 9.5 before FP1 allows remote authenticated users to execute arbitrary code via unknown vectors. NOTE: the ADMIN_SP_C issue is already covered by CVE...

8.5

CVE-2008-1998

  • EPSS 1.93%
  • Published 28.04.2008 20:05:00
  • Last modified 09.04.2025 00:30:58

The NNSTAT (aka SYSPROC.NNSTAT) procedure in IBM DB2 8 before FP16, 9.1 before FP4a, and 9.5 before FP1 on Windows allows remote authenticated users to overwrite arbitrary files via the log file parameter.

4

CVE-2008-1966

  • EPSS 2.17%
  • Published 27.04.2008 18:05:00
  • Last modified 09.04.2025 00:30:58

Multiple buffer overflows in the JAR file administration routines in the BSU JAVA subcomponent in IBM DB2 8 before FP16, 9.1 before FP4a, and 9.5 before FP1 allow remote authenticated users to cause a denial of service (instance crash) via a call to ...

10

CVE-2007-3676

  • EPSS 4.55%
  • Published 13.02.2008 00:00:00
  • Last modified 09.04.2025 00:30:58

IBM DB2 Universal Database (UDB) Administration Server (DAS) 8 before Fix Pack 16 and 9 before Fix Pack 4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via modified pointer values in unspecified remo...

7.5

CVE-2008-0696

  • EPSS 0.4%
  • Published 12.02.2008 01:00:00
  • Last modified 09.04.2025 00:30:58

IBM DB2 UDB before 8.2 Fixpak 16 does not properly check authorization for the ALTER TABLE statement, which has unknown impact and attack vectors.

7.2

CVE-2008-0697

  • EPSS 0.05%
  • Published 12.02.2008 01:00:00
  • Last modified 09.04.2025 00:30:58

Unspecified vulnerability in DB2PD in IBM DB2 UDB before 8.2 Fixpak 16 allows local users to gain root privileges via unspecified vectors.

7.8

CVE-2008-0698

  • EPSS 0.53%
  • Published 12.02.2008 01:00:00
  • Last modified 09.04.2025 00:30:58

Buffer overflow in the DAS server in IBM DB2 UDB before 8.2 Fixpak 16 has unknown attack vectors, and an impact probably involving "invalid memory access."

9

CVE-2008-0699

  • EPSS 8%
  • Published 12.02.2008 01:00:00
  • Last modified 09.04.2025 00:30:58

Unspecified vulnerability in the ADMIN_SP_C procedure (SYSPROC.ADMIN_SP_C) in IBM DB2 UDB before 8.2 Fixpak 16, 9.1 before FP4a, and 9.5 before FP1 allows remote authenticated users to execute arbitrary code via unspecified attack vectors.

7.8

CVE-2007-5652

  • EPSS 0.79%
  • Published 23.10.2007 21:47:00
  • Last modified 09.04.2025 00:30:58

IBM DB2 UDB 9.1 before Fixpak 4 does not properly manage storage of a list containing authentication information, which might allow attackers to cause a denial of service (instance crash) or trigger memory corruption. NOTE: the vendor description of...