CVSS: 10.0EPSS: 9%CPEs: 2EXPL: 0CVE-2007-3676
https://notcve.org/view.php?id=CVE-2007-3676
12 Feb 2008 — IBM DB2 Universal Database (UDB) Administration Server (DAS) 8 before Fix Pack 16 and 9 before Fix Pack 4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via modified pointer values in unspecified remote administration requests, which triggers memory corruption or other invalid memory access. NOTE: this might be the same issue as CVE-2008-0698. El Servidor de Administración (DAS) de IBM DB2 Universal Database (UDB) en versión 8 anterior al Fix Pack 16 y versi... • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=654 • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2007-5652
https://notcve.org/view.php?id=CVE-2007-5652
23 Oct 2007 — IBM DB2 UDB 9.1 before Fixpak 4 does not properly manage storage of a list containing authentication information, which might allow attackers to cause a denial of service (instance crash) or trigger memory corruption. NOTE: the vendor description of this issue is too vague to be certain that it is security-related. IBM DB2 UDB versión 9.1 anterior a Fixpak 4, no administra apropiadamente el almacenamiento de una lista que contiene información de autenticación, lo que podría permitir a atacantes causar una d... • http://secunia.com/advisories/27177 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 7%CPEs: 1EXPL: 0CVE-2007-2582 – IBM DB2 DB2JDS Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2007-2582
09 May 2007 — Multiple buffer overflows in the DB2 JDBC Applet Server (DB2JDS) service in IBM DB2 9.x and earlier allow remote attackers to (1) execute arbitrary code via a crafted packet to the DB2JDS service on tcp/6789; and cause a denial of service via (2) an invalid LANG parameter or (2) a long packet that generates a "MemTree overflow." Múltiples desbordamientos de búfer en el servicio DB2 JDBC Applet Server (DB2JDS) en IBM DB2 versión 9.x y anteriores, permiten que los atacantes remotos (1) ejecuten un código arbi... • http://osvdb.org/40973 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 20EXPL: 0CVE-2007-1087
https://notcve.org/view.php?id=CVE-2007-1087
23 Feb 2007 — IBM DB2 8.x before 8.1 FixPak 15 and 9.1 before Fix Pack 2 does not properly terminate certain input strings, which allows local users to execute arbitrary code via unspecified environment variables that trigger a heap-based buffer overflow. IBM DB2 8.x anterior a 8.1 FixPak 15 y 9.1 anterior a Fix Pack 2 no finaliza adecuadamente ciertas cadenas de entrada, lo cual permite a usuarios locales ejecutar código de su elección a través de variables de entorno no especificadas que disparan un desbordamiento de b... • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=481 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 20EXPL: 0CVE-2007-1088
https://notcve.org/view.php?id=CVE-2007-1088
23 Feb 2007 — Stack-based buffer overflow in IBM DB2 8.x before 8.1 FixPak 15 and 9.1 before Fix Pack 2 allows local users to execute arbitrary code via a long string in unspecified environment variables. Desbordamiento de búfer basado en pila en IBM DB2 8.x anterior a 8.1 FixPak 15 y 9.1 anterior a Fix Pack 2 permite a usuarios locales ejecutar código de su elección a través de una cadenas largas en variables no especificadas de entorno. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=481 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 1%CPEs: 65EXPL: 0CVE-2006-4257
https://notcve.org/view.php?id=CVE-2006-4257
21 Aug 2006 — IBM DB2 Universal Database (UDB) before 8.1 FixPak 13 allows remote authenticated users to cause a denial of service (crash) by (1) sending the first ACCSEC command without an RDBNAM parameter during the CONNECT process, or (2) sending crafted SQLJRA packet, which results in a null dereference. IBM DB2 Universal Database (UDB) anterior a 8.1 FixPak 13 permite a atacantes autenticados remotamente provocar una denegación de servicio (caída) (1) enviando el primer comando ACCSEC sin un parámetro RDBNAM durante... • ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT • CWE-399: Resource Management Errors •