CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2005-3568
https://notcve.org/view.php?id=CVE-2005-3568
16 Nov 2005 — db2fmp process in IBM DB2 Content Manager before 8.2 Fix Pack 10 allows local users to cause a denial of service (CPU consumption) by importing a corrupted Microsoft Excel file, aka "CORRUPTED EXEL FILE WILL CAUSE TEXT SEARCH PROCESS LOOPING." • http://secunia.com/advisories/17388 •
CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 0CVE-2005-3569
https://notcve.org/view.php?id=CVE-2005-3569
16 Nov 2005 — INSO service in IBM DB2 Content Manager before 8.2 Fix Pack 10 on AIX allows attackers to cause a denial of service (application crash) via unknown attack vectors involving LZH files. • http://secunia.com/advisories/17388 •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2005-2073
https://notcve.org/view.php?id=CVE-2005-2073
29 Jun 2005 — Unknown vulnerability in IBM DB2 8.1.4 through 8.1.9 and 8.2.0 through 8.2.2 allows local users with SELECT privileges to conduct unauthorized activities and insert, update or delete table contents. • http://www-1.ibm.com/support/search.wss?rs=0&q=IY73104&apar=only •
CVSS: 10.0EPSS: 0%CPEs: 7EXPL: 0CVE-2005-0417
https://notcve.org/view.php?id=CVE-2005-0417
14 Feb 2005 — Unknown "high risk" vulnerability in DB2 Universal Database 8.1 and earlier has unknown impact and attack vectors. NOTE: due to the delayed disclosure of details for this issue, this candidate may be SPLIT in the future. In addition, this may be a duplicate of other issues as reported by the vendor. Vulnerabilidad desconocida de "alto riesgo" en DB2 Universal Database 8.1 y anteriores con impacto y vectores de ataque desconocidos. • http://marc.info/?l=bugtraq&m=110801212422825&w=2 •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2004-1372
https://notcve.org/view.php?id=CVE-2004-1372
01 Sep 2004 — Multiple stack-based buffer overflows in IBM DB2 7.x and 8.1 allow local users to execute arbitrary code via (1) a long third argument to the rec2xml function or (2) a long filename argument to the generate_distfile procedure. • http://marc.info/?l=bugtraq&m=110382462924162&w=2 •
CVSS: 9.8EPSS: 0%CPEs: 8EXPL: 3CVE-2003-1052 – IBM DB2 - Shared Library Injection
https://notcve.org/view.php?id=CVE-2003-1052
20 Aug 2004 — IBM DB2 7.1 and 8.1 allow the bin user to gain root privileges by modifying the shared libraries that are used in setuid root programs. IBM DB2 7.1 y 8.1 permite al usuario bin ganar privilegios de root modificando las librerías compartidas usadas por programas con setuid de root. • https://www.exploit-db.com/exploits/22989 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 4CVE-2003-1051 – IBM DB2 - 'db2govd' Format String Arbitrary Code Execution
https://notcve.org/view.php?id=CVE-2003-1051
20 Aug 2004 — Multiple format string vulnerabilities in IBM DB2 Universal Database 8.1 may allow local users to execute arbitrary code via certain command line arguments to (1) db2start, (2) db2stop, or (3) db2govd. Múltiples vulnerabilidades de cadena de formato en IBM Universal Database 8.1 puede permitir a usuarios locales ejecutar código arbitrario mediante ciertos argumentos de línea de comando a (1) db2start, (2) db2stop, or (3) db2govd. • https://www.exploit-db.com/exploits/23346 •
CVSS: 7.8EPSS: 1%CPEs: 1EXPL: 1CVE-2004-0795 – IBM DB2 Db2rcmd.exe Command Execution
https://notcve.org/view.php?id=CVE-2004-0795
20 Aug 2004 — DB2 8.1 remote command server (DB2RCMD.EXE) executes the db2rcmdc.exe program as the db2admin administrator, which allows local users to gain privileges via the DB2REMOTECMD named pipe. El servidor de órdenes remoto de DB2 8.1 (DB2RCMD.EXE) ejecuta el programa db2rcmdc.exe como el adminstrador db2admin, lo que permite a usuarios locales ganar privilegios mediante la tubería con nombre DB2REMOTECMD. • https://packetstorm.news/files/id/180775 •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2002-1583
https://notcve.org/view.php?id=CVE-2002-1583
20 Aug 2004 — Buffer overflow in sqllib/security/db2ckpw for IBM DB2 Universal Database 6.0 and 7.0 allows local users to execute arbitrary code via a long username that is read from a file descriptor argument. Desbordamiento de búfer en sqllib/security/db2ckpw de IBM DB2 Universal Database 6.0 y 7.0 permite a usuarios locales ejecutar código de su elección mediante un nombre de usuario largo que se lee de un argumento de descriptor de fichero. • http://www.iss.net/security_center/static/9078.php •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 4CVE-2003-1050 – IBM DB2 - 'db2govd' Command Line Argument Local Overflow
https://notcve.org/view.php?id=CVE-2003-1050
20 Aug 2004 — Multiple buffer overflows in IBM DB2 Universal Database 8.1 may allow local users to execute arbitrary code via long command line arguments to (1) db2start, (2) db2stop, or (3) db2govd. Múltiples desbordamientos de búfer en IBM DB2 Universal Database 8.1 pueden permitir a usuarios locales ejecutar código de su elección mediante argumentos de línea de comandos largos a (1)db2start, (2) db2stop, o (3) db2govd. • https://www.exploit-db.com/exploits/23349 •