Ibm

Db2 Universal Database

66 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.08%
  • Published 18.08.2007 21:17:00
  • Last modified 09.04.2025 00:30:58

IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allows local users to create arbitrary directories and execute arbitrary code via a "crafted localized message file" that enables a format string attack, possibly involving the (1) OSSEMEMDBG or ...

  • EPSS 0.07%
  • Published 18.08.2007 21:17:00
  • Last modified 09.04.2025 00:30:58

Multiple vulnerabilities in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allow local users to create arbitrary files via (1) unspecified vectors where an attacker's umask is honored, (2) /etc/ld.so.preload, (3) certain "cron data file locat...

  • EPSS 0.05%
  • Published 18.08.2007 21:17:00
  • Last modified 09.04.2025 00:30:58

Directory traversal vulnerability in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allows local users to create arbitrary files via a .. (dot dot) in an unspecified environment variable, which is appended to "/tmp/" and used as a log file. ...

  • EPSS 0.05%
  • Published 23.02.2007 22:28:00
  • Last modified 09.04.2025 00:30:58

IBM DB2 Universal Database (UDB) 9.1 GA through 9.1 FP1 allows local users with table SELECT privileges to perform unauthorized UPDATE and DELETE SQL commands via unknown vectors.

  • EPSS 0.06%
  • Published 23.02.2007 22:28:00
  • Last modified 09.04.2025 00:30:58

Unspecified binaries in IBM DB2 8.x before 8.1 FixPak 15 and 9.1 before Fix Pack 2 allow local users to create or modify arbitrary files via unspecified environment variables related to "unsafe file access."

  • EPSS 1.08%
  • Published 19.12.2006 20:28:00
  • Last modified 09.04.2025 00:30:58

IBM DB2 8.1 before FixPak 14 allows remote attackers to cause a denial of service via a crafted SQLJRA packet, which causes a NULL pointer dereference in the sqle_db2ra_as_recvrequest function in DB2ENGN.DLL, a different issue than CVE-2006-4257.

  • EPSS 0.92%
  • Published 19.06.2006 10:02:00
  • Last modified 03.04.2025 01:03:51

IBM DB2 Universal Database (UDB) before 8.2 FixPak 12 allows remote attackers to cause a denial of service (application crash) by sending "incorrect information ... regarding the package name/creator," which leads to a "memory overwrite."

  • EPSS 1.63%
  • Published 19.06.2006 10:02:00
  • Last modified 03.04.2025 01:03:51

Multiple unspecified vulnerabilities in IBM DB2 Universal Database (UDB) before 8.1 FixPak 12 allow remote attackers to cause a denial of service (application crash) via a (1) "long column list" in the (a) REPLACE INTO and (b) INSERT INTO portions of...

  • EPSS 1.56%
  • Published 19.06.2006 10:02:00
  • Last modified 03.04.2025 01:03:51

Buffer overflow in the TCP/IP listener in IBM DB2 Universal Database (UDB) before 8.1 FixPak 12 allows remote attackers to cause a denial of service (application crash) via a long MGRLVLLS message inside of an EXCSAT message when establishing a conne...

Exploit
  • EPSS 0.69%
  • Published 31.12.2005 05:00:00
  • Last modified 03.04.2025 01:03:51

IBM DB2 Universal Database (UDB) 820 before 8.2 FP10 allows remote authenticated users to cause a denial of service (disk consumption) via a hash join (hsjn) that triggers an infinite loop in sqlri_hsjnFlushBlocks.