CVSS: 5.0EPSS: 4%CPEs: 8EXPL: 0CVE-2009-4327
https://notcve.org/view.php?id=CVE-2009-4327
The Common Code Infrastructure component in IBM DB2 9.5 before FP5 and 9.7 before FP1 does not properly validate the size of a memory pool during a creation attempt, which allows attackers to cause a denial of service (memory consumption) via unspecified vectors. El componente Common Code Infrastructure en IBM DB2 v9.5 anterior a FP5 y v9.7 anterior a FP1, no valida adecuadamente el tamaño del pool de memoria durante un intento de creación, lo que permite a atacantes provocar una denegación de servicio (consumo de memoria) a través de vectores no especificados. • ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v97/APARLIST.TXT http://secunia.com/advisories/37759 http://www-01.ibm.com/support/docview.wss?uid=swg1IC63179 http://www-01.ibm.com/support/docview.wss?uid=swg1IZ43772 http://www-01.ibm.com/support/docview.wss?uid=swg21293566 http://www-01.ibm.com/support/docview.wss?uid=swg21412902 http://www.securityfocus.c • CWE-20: Improper Input Validation •
CVSS: 4.0EPSS: 0%CPEs: 7EXPL: 0CVE-2009-4328
https://notcve.org/view.php?id=CVE-2009-4328
Unspecified vulnerability in the DRDA Services component in IBM DB2 9.5 before FP5 allows remote authenticated users to cause a denial of service (server trap) by calling a SQL stored procedure in unknown circumstances. Vulnerabilidad sin especificar en el componente DRDA Services en IBM DB2 v9.5 anterior a FP5, permite a usuarios autenticados remotamente provocar una denegación de servicio (trampa del servidor) mediante la llamada en extrañas circunstancias, a un procedimiento de almacenado SQL. • ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT http://secunia.com/advisories/37759 http://www-01.ibm.com/support/docview.wss?uid=swg1IC64298 http://www-01.ibm.com/support/docview.wss?uid=swg21293566 http://www-01.ibm.com/support/docview.wss?uid=swg21412902 http://www.securityfocus.com/bid/37332 http://www.vupen.com/english/advisories/2009/3520 •
CVSS: 4.0EPSS: 0%CPEs: 7EXPL: 2CVE-2009-4329
https://notcve.org/view.php?id=CVE-2009-4329
Unspecified vulnerability in the Engine Utilities component in IBM DB2 9.5 before FP5 allows remote authenticated users to cause a denial of service (segmentation fault) by modifying the db2ra data stream sent in a request from the Load Utility. Vulnerabilidad sin especificar en el componente Engine Utilities en IBM DB2 v9.5 anterior a FP5, permite a usuarios autenticados remotamente provocar una denegación de servicio (fallo de segmentación) mediante la modificación de la cadena db2ra enviada en una petición desde la Utilidad de Carga (Load Utility). • ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT http://secunia.com/advisories/37759 http://www-01.ibm.com/support/docview.wss?uid=swg1IZ52083 http://www-01.ibm.com/support/docview.wss?uid=swg21293566 http://www-01.ibm.com/support/docview.wss?uid=swg21412902 http://www.securityfocus.com/bid/37332 http://www.vupen.com/english/advisories/2009/3520 •
CVSS: 7.2EPSS: 0%CPEs: 7EXPL: 0CVE-2009-4330
https://notcve.org/view.php?id=CVE-2009-4330
Unspecified vulnerability in db2licm in the Engine Utilities component in IBM DB2 9.5 before FP5 has unknown impact and local attack vectors. Vulnerabilidad sin especificar en db2licm en el componente Engine Utilities en IBM DB2 v9.5 anterior a FP5 tiene un impacto y vectores de ataque desconocidos. • ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT http://secunia.com/advisories/37759 http://www-01.ibm.com/support/docview.wss?uid=swg1IC62501 http://www-01.ibm.com/support/docview.wss?uid=swg21293566 http://www-01.ibm.com/support/docview.wss?uid=swg21412902 http://www.securityfocus.com/bid/37332 http://www.vupen.com/english/advisories/2009/3520 •
CVSS: 5.0EPSS: 3%CPEs: 18EXPL: 0CVE-2009-4332
https://notcve.org/view.php?id=CVE-2009-4332
db2pd in the Problem Determination component in IBM DB2 9.1 before FP7 and 9.5 before FP5 allows attackers to cause a denial of service (NULL pointer dereference and application termination) via unspecified vectors. db2pd en el Problem Determination en IBM DB2 v9.1 anterior a FP7 y v9.5 anterior a FP5, permite a atacantes provocar una denegación de servicio (deferencia a puntero NULL y terminación de aplicación) a través de vectores no especificados. • ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v91/APARLIST.TXT ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT http://secunia.com/advisories/37759 http://www-01.ibm.com/support/docview.wss?uid=swg1IZ28509 http://www-01.ibm.com/support/docview.wss?uid=swg1IZ28510 http://www-01.ibm.com/support/docview.wss?uid=swg21293566 http://www-01.ibm.com/support/docview.wss?uid=swg21412902 http://www.securityfocus.c •