CVE-2013-3475
https://notcve.org/view.php?id=CVE-2013-3475
Stack-based buffer overflow in db2aud in the Audit Facility in IBM DB2 and DB2 Connect 9.1, 9.5, 9.7, 9.8, and 10.1, as used in Smart Analytics System 7600 and other products, allows local users to gain privileges via unspecified vectors. Desbordamiento de búfer basado en pila en db2aud en Audit Facility de IBM DB2 y DB2 Connect v9.1, v9.5, v9.7, v9.8 y v10.1, como se utiliza en Smart System Analytics 7600 y otros productos, permite a usuarios locales conseguir privilegios a través de vectores no especificados. • http://secunia.com/advisories/52663 http://secunia.com/advisories/53704 http://www-01.ibm.com/support/docview.wss?uid=swg1IC92463 http://www-01.ibm.com/support/docview.wss?uid=swg1IC92495 http://www-01.ibm.com/support/docview.wss?uid=swg1IC92496 http://www-01.ibm.com/support/docview.wss?uid=swg1IC92498 http://www-01.ibm.com/support/docview.wss? • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2012-3324
https://notcve.org/view.php?id=CVE-2012-3324
Directory traversal vulnerability in the UTL_FILE module in IBM DB2 and DB2 Connect 10.1 before FP1 on Windows allows remote authenticated users to modify, delete, or read arbitrary files via a pathname in the file field. Vulnerabilidad de salto de directorio en el módulo UTL_FILE en IBM DB2 y DB2 Connect v10.1 antes de FP1 en Windows permite a usuarios remotos autenticados modificar, eliminar o leer archivos de su elección a través de una ruta en el campo Archivo ('file'). • http://www-01.ibm.com/support/docview.wss?uid=swg1IC85513 http://www-01.ibm.com/support/docview.wss?uid=swg21611040 https://exchange.xforce.ibmcloud.com/vulnerabilities/77924 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •