Ibm

Db2

327 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4

CVE-2009-4328

  • EPSS 1.11%
  • Veröffentlicht 16.12.2009 18:30:00
  • Zuletzt bearbeitet 23.04.2026 00:35:47

Unspecified vulnerability in the DRDA Services component in IBM DB2 9.5 before FP5 allows remote authenticated users to cause a denial of service (server trap) by calling a SQL stored procedure in unknown circumstances.

4

CVE-2009-4329

Exploit
  • EPSS 1.02%
  • Veröffentlicht 16.12.2009 18:30:00
  • Zuletzt bearbeitet 23.04.2026 00:35:47

Unspecified vulnerability in the Engine Utilities component in IBM DB2 9.5 before FP5 allows remote authenticated users to cause a denial of service (segmentation fault) by modifying the db2ra data stream sent in a request from the Load Utility.

7.2

CVE-2009-4330

  • EPSS 0.08%
  • Veröffentlicht 16.12.2009 18:30:00
  • Zuletzt bearbeitet 23.04.2026 00:35:47

Unspecified vulnerability in db2licm in the Engine Utilities component in IBM DB2 9.5 before FP5 has unknown impact and local attack vectors.

7.2

CVE-2009-4331

Exploit
  • EPSS 0.1%
  • Veröffentlicht 16.12.2009 18:30:00
  • Zuletzt bearbeitet 23.04.2026 00:35:47

The Install component in IBM DB2 9.5 before FP5 and 9.7 before FP1 configures the High Availability (HA) scripts with incorrect file-permission and authorization settings, which has unknown impact and local attack vectors.

5

CVE-2009-4332

  • EPSS 0.92%
  • Veröffentlicht 16.12.2009 18:30:00
  • Zuletzt bearbeitet 23.04.2026 00:35:47

db2pd in the Problem Determination component in IBM DB2 9.1 before FP7 and 9.5 before FP5 allows attackers to cause a denial of service (NULL pointer dereference and application termination) via unspecified vectors.

7.5

CVE-2009-4333

  • EPSS 0.35%
  • Veröffentlicht 16.12.2009 18:30:00
  • Zuletzt bearbeitet 23.04.2026 00:35:47

The Relational Data Services component in IBM DB2 9.5 before FP5 allows attackers to obtain the password argument from the SET ENCRYPTION PASSWORD statement via vectors involving the GET SNAPSHOT FOR DYNAMIC SQL command.

4.6

CVE-2009-4334

  • EPSS 0.05%
  • Veröffentlicht 16.12.2009 18:30:00
  • Zuletzt bearbeitet 23.04.2026 00:35:47

The Self Tuning Memory Manager (STMM) component in IBM DB2 9.1 before FP8, 9.5 before FP5, and 9.7 before FP1 uses 0666 permissions for the STMM log file, which allows local users to cause a denial of service or have unspecified other impact by writi...

10

CVE-2009-4335

  • EPSS 1.66%
  • Veröffentlicht 16.12.2009 18:30:00
  • Zuletzt bearbeitet 23.04.2026 00:35:47

Multiple unspecified vulnerabilities in bundled stored procedures in the Spatial Extender component in IBM DB2 9.5 before FP5 have unknown impact and remote attack vectors, related to "remote exploits."

4.6

CVE-2009-4150

  • EPSS 0.13%
  • Veröffentlicht 02.12.2009 11:30:00
  • Zuletzt bearbeitet 23.04.2026 00:35:47

dasauto in IBM DB2 8 before FP18, 9.1 before FP8, 9.5 before FP4, and 9.7 before FP1 permits execution by unprivileged user accounts, which has unspecified impact and local attack vectors.

7.5

CVE-2009-3471

  • EPSS 0.85%
  • Veröffentlicht 29.09.2009 21:30:00
  • Zuletzt bearbeitet 23.04.2026 00:35:47

IBM DB2 8 before FP18, 9.1 before FP8, 9.5 before FP4, and 9.7 before FP2 does not perform the expected drops of certain table functions upon a loss of privileges by the functions' definers, which has unspecified impact and remote attack vectors.