CVSS: 7.5EPSS: 1%CPEs: 38EXPL: 0CVE-2012-0710
https://notcve.org/view.php?id=CVE-2012-0710
20 Mar 2012 — IBM DB2 9.1 before FP11, 9.5 before FP9, 9.7 before FP5, and 9.8 before FP4 allows remote attackers to cause a denial of service (daemon crash) via a crafted Distributed Relational Database Architecture (DRDA) request. IBM DB2 9.1 antes de FP11, 9.5 antes de FP9, 9.7 antes de FP5, y 9.8 antes de FP4 permite a atacantes remotos causar una denegación de servicio (caída de demonio) a través de una solicitud Distributed Relational Database Architecture (DRDA) modificada. • http://www-01.ibm.com/support/docview.wss?uid=swg1IC76781 • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 7%CPEs: 41EXPL: 0CVE-2012-0711
https://notcve.org/view.php?id=CVE-2012-0711
20 Mar 2012 — Integer signedness error in the db2dasrrm process in the DB2 Administration Server (DAS) in IBM DB2 9.1 through FP11, 9.5 before FP9, and 9.7 through FP5 on UNIX platforms allows remote attackers to execute arbitrary code via a crafted request that triggers a heap-based buffer overflow. Un error de entero sin signo en el proceso db2dasrrm del servidor de administración de DB2 (DAS) en IBM DB2 v9.1 hasta FP11, v9.5 antes de vFP9, y v9.7 hasta FP5 para UNIX permite a atacantes remotos ejecutar código de su el... • http://www-01.ibm.com/support/docview.wss?uid=swg1IC80561 • CWE-189: Numeric Errors •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2011-1373
https://notcve.org/view.php?id=CVE-2011-1373
09 Nov 2011 — Unspecified vulnerability in IBM DB2 9.7 before FP5 on UNIX, when the Self Tuning Memory Manager (STMM) feature and the AUTOMATIC DATABASE_MEMORY setting are configured, allows local users to cause a denial of service (daemon crash) via unknown vectors. Vulnerabilidad no especificada en IBM DB2 v9.7 antes de FP5 en UNIX, cuando las características Self Tuning Memory Manager (STMM) y AUTOMATIC DATABASE_MEMORY están configuradas, permite a usuarios locales provocar una denegación de servicio (caída del demoni... • http://www-01.ibm.com/support/docview.wss?uid=swg1IC70473 •
CVSS: 8.1EPSS: 1%CPEs: 16EXPL: 0CVE-2011-1846
https://notcve.org/view.php?id=CVE-2011-1846
03 May 2011 — IBM DB2 9.5 before FP7 and 9.7 before FP4 on Linux, UNIX, and Windows does not properly revoke role membership from groups, which allows remote authenticated users to execute non-DDL statements by leveraging previous inherited possession of a role, a different vulnerability than CVE-2011-0757. NOTE: some of these details are obtained from third party information. IBM DB2 v9.5 anterior a FP7 y v9.7 anterior a FP4 en Linux, UNIX y Windows no revoca correctamente la pertenencia a grupos, lo que permite a usuar... • http://secunia.com/advisories/44229 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 8.1EPSS: 1%CPEs: 16EXPL: 0CVE-2011-1847
https://notcve.org/view.php?id=CVE-2011-1847
03 May 2011 — IBM DB2 9.5 before FP7 and 9.7 before FP4 on Linux, UNIX, and Windows does not properly enforce privilege requirements for table access, which allows remote authenticated users to modify SYSSTAT.TABLES statistics columns via an UPDATE statement. NOTE: some of these details are obtained from third party information. IBM DB2 v9.5 anterior a FP7 y v9.7 anterior a FP4 en Linux, UNIX y Windows no fuerzan correctamente los requisitos de privilegios para acceder a la tabla, permitiendo a usuarios remotos autentica... • http://secunia.com/advisories/44229 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 8.8EPSS: 1%CPEs: 28EXPL: 0CVE-2011-0757
https://notcve.org/view.php?id=CVE-2011-0757
02 Feb 2011 — IBM DB2 9.1 before FP10, 9.5 before FP6a, and 9.7 before FP2 on Linux, UNIX, and Windows does not properly revoke the DBADM authority, which allows remote authenticated users to execute non-DDL statements by leveraging previous possession of this authority. IBM DB2 v9.1 anterior a FP10, v9.5 anterior a FP6a, y v9.7 anterior a FP2 en Linux, UNIX y Windows no revoca correctamente la autorización DBADM, que permite a usuarios autenticados remotamente ejecutar instrucciones no-DDL aprovechandose de la posesión ... • http://osvdb.org/70773 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.8EPSS: 7%CPEs: 30EXPL: 0CVE-2011-0731
https://notcve.org/view.php?id=CVE-2011-0731
01 Feb 2011 — Buffer overflow in the DB2 Administration Server (DAS) component in IBM DB2 9.1 before FP10, 9.5 before FP7, and 9.7 before FP3 on Linux, UNIX, and Windows allows remote attackers to execute arbitrary code via unspecified vectors. Desbordamiento de búfer en el componente DB2 Administration Server (DAS) para IBM DB2 v9.1 anterior a FP10, v9.5 anterior a FP7, y v9.7 anterior a FP3 en Linux, UNIX, y Windows permite a atacantes remotos ejecutar código a través de vectores desconocidos • http://secunia.com/advisories/43059 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 2%CPEs: 26EXPL: 0CVE-2010-3193
https://notcve.org/view.php?id=CVE-2010-3193
31 Aug 2010 — Unspecified vulnerability in the DB2STST program in IBM DB2 9.1 before FP9, 9.5 before FP6, and 9.7 before FP2 has unknown impact and attack vectors. Vulnerabilidad sin especificar en el programa DB2STST en IBM DB2 v9.1 anterior a FP9, v9.5 anterior a FP6, y v9.7 anterior a FP2 tienen un impacto y vactores de ataque desconocidos. • ftp://public.dhe.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT •
CVSS: 9.1EPSS: 0%CPEs: 26EXPL: 0CVE-2010-3194
https://notcve.org/view.php?id=CVE-2010-3194
31 Aug 2010 — The DB2DART program in IBM DB2 9.1 before FP9, 9.5 before FP6, and 9.7 before FP2 allows attackers to bypass intended file access restrictions via unspecified vectors related to overwriting files owned by an instance owner. El programa DB2DART en IBM DB2 v9.1 anterior a FP9, v9.5 anterior a FP6, y v9.7 anterior a FP2 permite a atacantes evitar las restricciones de los ficheros de acceso previstas a través de vectores sin especificar relacionados con con la sobreescritura de ficheros propietarios por una ins... • ftp://public.dhe.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 1%CPEs: 27EXPL: 0CVE-2010-3195
https://notcve.org/view.php?id=CVE-2010-3195
31 Aug 2010 — Unspecified vulnerability in IBM DB2 9.1 before FP9, 9.5 before FP6, and 9.7 before FP2 on Windows Server 2008 allows attackers to cause a denial of service (trap) via vectors involving "special group and user enumeration." Vulnerabilidad sin especificar en IBM DB2 v9.1 anterior a FP9, v9.5 anterior a FP6, y v9.7 anterior a FP2 en Windows Server 2008 permite a atacantes remotos provocar una denegación de servicio (trampa) a través de vectores involucrados "Grupo especial y enumeración de usuarios" ("special... • ftp://public.dhe.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT •