CVSS: 7.8EPSS: 0%CPEs: 16EXPL: 0CVE-2005-4863
https://notcve.org/view.php?id=CVE-2005-4863
31 Dec 2005 — Stack-based buffer overflow in db2fmp in IBM DB2 7.x and 8.1 allows local users to execute arbitrary code via a long parameter. • http://marc.info/?l=bugtraq&m=110494995113579&w=2 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 20EXPL: 0CVE-2005-4864
https://notcve.org/view.php?id=CVE-2005-4864
31 Dec 2005 — Stack-based buffer overflow in libdb2.so in IBM DB2 7.x and 8.1 allows local users to execute arbitrary code via a long DB2LPORT environment variable. • http://marc.info/?l=bugtraq&m=110495092105541&w=2 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 28%CPEs: 24EXPL: 0CVE-2005-4865
https://notcve.org/view.php?id=CVE-2005-4865
31 Dec 2005 — Stack-based buffer overflow in call in IBM DB2 7.x and 8.1 allows remote attackers to execute arbitrary code via a long libname. • http://marc.info/?l=bugtraq&m=110495173031208&w=2 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 1%CPEs: 24EXPL: 0CVE-2005-4866
https://notcve.org/view.php?id=CVE-2005-4866
31 Dec 2005 — Stack-based buffer overflow in JDBC Applet Server in IBM DB2 8.1 allows remote attackers to execute arbitrary by connecting and sending a long username, then disconnecting gracefully and reconnecting and sending a short username and an unexpected db2java.zip version, which causes a null terminator to be removed and leads to the overflow. • http://marc.info/?l=bugtraq&m=110495251101381&w=2 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 20%CPEs: 24EXPL: 0CVE-2005-4867
https://notcve.org/view.php?id=CVE-2005-4867
31 Dec 2005 — Stack-based buffer overflow in the SATENCRYPT function in IBM DB2 8.1, when Satellite Administration (SATADMIN) is enabled, allows remote attackers to execute arbitrary code via a long parameter. • http://marc.info/?l=bugtraq&m=110495332301120&w=2 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.1EPSS: 0%CPEs: 5EXPL: 1CVE-2005-4868 – IBM DB2 - Universal Database Information Disclosure
https://notcve.org/view.php?id=CVE-2005-4868
31 Dec 2005 — Shared memory sections and events in IBM DB2 8.1 have default permissions of read and write for the Everyone group, which allows local users to gain unauthorized access, gain sensitive information, such as cleartext passwords, and cause a denial of service. • https://www.exploit-db.com/exploits/24678 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 6.8EPSS: 0%CPEs: 12EXPL: 3CVE-2005-4735
https://notcve.org/view.php?id=CVE-2005-4735
31 Dec 2005 — IBM DB2 Universal Database (UDB) 810 before 8.1 FP10 allows remote authenticated users to cause a denial of service (application crash) via (1) certain equality predicates that trigger self-removal, aka IY70808; and (2) a query with more than 32000 elements in the IN-list, aka LI70817. • http://secunia.com/advisories/17031 •
CVSS: 6.8EPSS: 0%CPEs: 12EXPL: 2CVE-2005-4736
https://notcve.org/view.php?id=CVE-2005-4736
31 Dec 2005 — IBM DB2 Universal Database (UDB) 820 before 8.2 FP10 allows remote authenticated users to cause a denial of service (disk consumption) via a hash join (hsjn) that triggers an infinite loop in sqlri_hsjnFlushBlocks. • http://secunia.com/advisories/17031 •
CVSS: 7.5EPSS: 0%CPEs: 12EXPL: 0CVE-2005-4737
https://notcve.org/view.php?id=CVE-2005-4737
31 Dec 2005 — IBM DB2 Universal Database (UDB) 820 before ESE AIX 5765F4100 allows remote authenticated users to cause a denial of service (CPU consumption) by "abnormally" terminating a connection, which prevents db2agents from being properly cleared. • http://secunia.com/advisories/17031 •
CVSS: 8.8EPSS: 0%CPEs: 12EXPL: 0CVE-2005-4738
https://notcve.org/view.php?id=CVE-2005-4738
31 Dec 2005 — IBM DB2 Universal Database (UDB) 810 before ESE AIX 5765F4100 does not ensure that a user has execute privileges before permitting object creation based on routines, which allows remote authenticated users to gain privileges. • http://secunia.com/advisories/17031 •