Ibm

Db2

292 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2009-4438

  • EPSS 1.01%
  • Veröffentlicht 28.12.2009 19:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

The Query Compiler, Rewrite, and Optimizer component in IBM DB2 9.1 before FP8, 9.5 before FP5, and 9.7 before FP1 does not enforce privilege requirements for access to a (1) sequence or (2) global-variable object, which allows remote authenticated u...

4

CVE-2009-4439

  • EPSS 1.11%
  • Veröffentlicht 28.12.2009 19:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Unspecified vulnerability in the Query Compiler, Rewrite, and Optimizer component in IBM DB2 9.5 before FP5 allows remote authenticated users to cause a denial of service (instance crash) by compiling a SQL query.

6.4

CVE-2009-4325

Exploit
  • EPSS 1.78%
  • Veröffentlicht 16.12.2009 18:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

The Client Interfaces component in IBM DB2 8.2 before FP18, 9.1 before FP8, 9.5 before FP5, and 9.7 before FP1 does not validate an unspecified pointer, which allows attackers to overwrite "external memory" via unknown vectors, related to a missing "...

4.3

CVE-2009-4326

  • EPSS 0.66%
  • Veröffentlicht 16.12.2009 18:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

The RAND scalar function in the Common Code Infrastructure component in IBM DB2 9.5 before FP5 and 9.7 before FP1, when the Database Partitioning Feature (DPF) is used, produces "repeating" return values, which might allow attackers to defeat protect...

5

CVE-2009-4327

  • EPSS 1.04%
  • Veröffentlicht 16.12.2009 18:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

The Common Code Infrastructure component in IBM DB2 9.5 before FP5 and 9.7 before FP1 does not properly validate the size of a memory pool during a creation attempt, which allows attackers to cause a denial of service (memory consumption) via unspeci...

4

CVE-2009-4328

  • EPSS 1.11%
  • Veröffentlicht 16.12.2009 18:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Unspecified vulnerability in the DRDA Services component in IBM DB2 9.5 before FP5 allows remote authenticated users to cause a denial of service (server trap) by calling a SQL stored procedure in unknown circumstances.

4

CVE-2009-4329

Exploit
  • EPSS 1.02%
  • Veröffentlicht 16.12.2009 18:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Unspecified vulnerability in the Engine Utilities component in IBM DB2 9.5 before FP5 allows remote authenticated users to cause a denial of service (segmentation fault) by modifying the db2ra data stream sent in a request from the Load Utility.

7.2

CVE-2009-4330

  • EPSS 0.08%
  • Veröffentlicht 16.12.2009 18:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Unspecified vulnerability in db2licm in the Engine Utilities component in IBM DB2 9.5 before FP5 has unknown impact and local attack vectors.

7.2

CVE-2009-4331

Exploit
  • EPSS 0.1%
  • Veröffentlicht 16.12.2009 18:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

The Install component in IBM DB2 9.5 before FP5 and 9.7 before FP1 configures the High Availability (HA) scripts with incorrect file-permission and authorization settings, which has unknown impact and local attack vectors.

5

CVE-2009-4332

  • EPSS 0.92%
  • Veröffentlicht 16.12.2009 18:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

db2pd in the Problem Determination component in IBM DB2 9.1 before FP7 and 9.5 before FP5 allows attackers to cause a denial of service (NULL pointer dereference and application termination) via unspecified vectors.