CVSS: 7.8EPSS: 0%CPEs: 20EXPL: 0CVE-2007-1088
https://notcve.org/view.php?id=CVE-2007-1088
23 Feb 2007 — Stack-based buffer overflow in IBM DB2 8.x before 8.1 FixPak 15 and 9.1 before Fix Pack 2 allows local users to execute arbitrary code via a long string in unspecified environment variables. Desbordamiento de búfer basado en pila en IBM DB2 8.x anterior a 8.1 FixPak 15 y 9.1 anterior a Fix Pack 2 permite a usuarios locales ejecutar código de su elección a través de una cadenas largas en variables no especificadas de entorno. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=481 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 13EXPL: 0CVE-2006-6638
https://notcve.org/view.php?id=CVE-2006-6638
19 Dec 2006 — IBM DB2 8.1 before FixPak 14 allows remote attackers to cause a denial of service via a crafted SQLJRA packet, which causes a NULL pointer dereference in the sqle_db2ra_as_recvrequest function in DB2ENGN.DLL, a different issue than CVE-2006-4257. IBM DB2 8.1 anterior a FixPak 14 permite a atacantes remotos provocar una denegación de servicio mediante un paquete SQLJRA artesanal, lo cual provoca una referencia a un puntero NULL en la función sqle_db2ra_as_recvrequest en DB2ENGN.DLL, un asunto diferente que C... • http://secunia.com/advisories/23397 •
CVSS: 6.5EPSS: 1%CPEs: 65EXPL: 0CVE-2006-4257
https://notcve.org/view.php?id=CVE-2006-4257
21 Aug 2006 — IBM DB2 Universal Database (UDB) before 8.1 FixPak 13 allows remote authenticated users to cause a denial of service (crash) by (1) sending the first ACCSEC command without an RDBNAM parameter during the CONNECT process, or (2) sending crafted SQLJRA packet, which results in a null dereference. IBM DB2 Universal Database (UDB) anterior a 8.1 FixPak 13 permite a atacantes autenticados remotamente provocar una denegación de servicio (caída) (1) enviando el primer comando ACCSEC sin un parámetro RDBNAM durante... • ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 1%CPEs: 13EXPL: 0CVE-2006-3066
https://notcve.org/view.php?id=CVE-2006-3066
19 Jun 2006 — Buffer overflow in the TCP/IP listener in IBM DB2 Universal Database (UDB) before 8.1 FixPak 12 allows remote attackers to cause a denial of service (application crash) via a long MGRLVLLS message inside of an EXCSAT message when establishing a connection. Desbordamiento de búfer en la escucha de TCP / IP en IBM DB2 Universal Database (UDB), anterior a v8.1 FixPak 12 permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) a través de un mensaje MGRLVLLS mucho tiempo dentro de u... • http://secunia.com/advisories/20579 •
CVSS: 6.8EPSS: 0%CPEs: 12EXPL: 3CVE-2005-4735
https://notcve.org/view.php?id=CVE-2005-4735
31 Dec 2005 — IBM DB2 Universal Database (UDB) 810 before 8.1 FP10 allows remote authenticated users to cause a denial of service (application crash) via (1) certain equality predicates that trigger self-removal, aka IY70808; and (2) a query with more than 32000 elements in the IN-list, aka LI70817. • http://secunia.com/advisories/17031 •
CVSS: 6.8EPSS: 0%CPEs: 12EXPL: 2CVE-2005-4736
https://notcve.org/view.php?id=CVE-2005-4736
31 Dec 2005 — IBM DB2 Universal Database (UDB) 820 before 8.2 FP10 allows remote authenticated users to cause a denial of service (disk consumption) via a hash join (hsjn) that triggers an infinite loop in sqlri_hsjnFlushBlocks. • http://secunia.com/advisories/17031 •
CVSS: 7.5EPSS: 0%CPEs: 12EXPL: 0CVE-2005-4737
https://notcve.org/view.php?id=CVE-2005-4737
31 Dec 2005 — IBM DB2 Universal Database (UDB) 820 before ESE AIX 5765F4100 allows remote authenticated users to cause a denial of service (CPU consumption) by "abnormally" terminating a connection, which prevents db2agents from being properly cleared. • http://secunia.com/advisories/17031 •
CVSS: 8.8EPSS: 0%CPEs: 12EXPL: 0CVE-2005-4738
https://notcve.org/view.php?id=CVE-2005-4738
31 Dec 2005 — IBM DB2 Universal Database (UDB) 810 before ESE AIX 5765F4100 does not ensure that a user has execute privileges before permitting object creation based on routines, which allows remote authenticated users to gain privileges. • http://secunia.com/advisories/17031 •
CVSS: 6.8EPSS: 0%CPEs: 12EXPL: 0CVE-2005-4739
https://notcve.org/view.php?id=CVE-2005-4739
31 Dec 2005 — IBM DB2 Universal Database (UDB) 820 before version 8 FixPak 10 (s050811) allows remote authenticated users to cause a denial of service (application crash) by using a table function for an instance of snapshot_tbreorg, which triggers a trap in sqlnr_EStoE_action. • http://secunia.com/advisories/17031 •
CVSS: 6.5EPSS: 0%CPEs: 12EXPL: 0CVE-2005-4740
https://notcve.org/view.php?id=CVE-2005-4740
31 Dec 2005 — IBM DB2 Universal Database (UDB) 810 before version 8 FixPak 10 allows remote authenticated users to cause a denial of service (db2jd service crash) by "connecting from a downlevel client." • http://secunia.com/advisories/17031 •