Page 41 of 255 results (0.007 seconds)

CVSS: 5.0EPSS: 13%CPEs: 1EXPL: 2

kuddb2 in Tivoli Monitoring for DB2, as distributed in IBM DB2 9.7 FP1 on Linux, allows remote attackers to cause a denial of service (daemon crash) via a certain byte sequence. kuddb2 en Tivoli Monitoring para DB2, distribuidas en IBM DB2 v9.7 FP1 en Linux, permite a atacantes remotos causar una denegación de servicio (cuelgue del demonio) a través de una secuencia de bytes determinada. • http://intevydis.blogspot.com/2010/01/ibm-db2-97-kuddb2-dos.html http://www-01.ibm.com/support/docview.wss?uid=swg1IC68762 http://www-01.ibm.com/support/docview.wss?uid=swg21432298 http://www.securityfocus.com/bid/38018 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14289 •

CVSS: 6.5EPSS: 11%CPEs: 26EXPL: 3

Heap-based buffer overflow in IBM DB2 9.1 before FP9, 9.5 before FP6, and 9.7 before FP2 allows remote authenticated users to have an unspecified impact via a SELECT statement that has a long column name generated with the REPEAT function. Un desbordamiento de búfer en la región heap de la memoria en DB2 de IBM versión 9.1 anterior a FP9, versión 9.5 anterior a FP6 y versión 9.7 anterior a FP2, permite a los usuarios autenticados remotos tener un impacto no especificado por medio de una declaración SELECT que presenta un nombre de columna largo generado con la función REPEAT. • https://www.exploit-db.com/exploits/33572 ftp://public.dhe.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT http://intevydis.blogspot.com/2010/01/ibm-db2-97-heap-overflow.html http://securitytracker.com/id?1023509 http://www-01.ibm.com/support/docview.wss?uid=swg1IC65922 http://www-01.ibm.com/support/docview.wss?uid=swg1IC65933 http://www-01.ibm.com/support/docview.wss?uid=swg1IC65935 http://www-01.ibm.com/support/docview.wss? • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 4.0EPSS: 0%CPEs: 8EXPL: 0

Unspecified vulnerability in the Query Compiler, Rewrite, and Optimizer component in IBM DB2 9.5 before FP5 allows remote authenticated users to cause a denial of service (instance crash) by compiling a SQL query. Vulnerabilidad no especificada en el componente Query Compiler, Rewrite, and Optimizer en IBM DB2 v9.5 anteriores a FP5 permite a usuarios autenticados remotamente provocar una denegación de servicio (parada de la instancia) al compilar una consulta SQL. • ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT http://secunia.com/advisories/37759 http://www-01.ibm.com/support/docview.wss?uid=swg1JR31948 http://www-01.ibm.com/support/docview.wss?uid=swg21293566 http://www-01.ibm.com/support/docview.wss?uid=swg21412902 http://www.securityfocus.com/bid/37332 http://www.vupen.com/english/advisories/2009/3520 •

CVSS: 6.5EPSS: 0%CPEs: 19EXPL: 0

The Query Compiler, Rewrite, and Optimizer component in IBM DB2 9.1 before FP8, 9.5 before FP5, and 9.7 before FP1 does not enforce privilege requirements for access to a (1) sequence or (2) global-variable object, which allows remote authenticated users to make use of data via unspecified vectors. El componente Query Compiler, Rewrite, and Optimizer en IBM DB2 v9.1 anteriores a FP8, v9.5 anteriores a FP5, v9.7 anteriores a FP1 no refuerza los requisitos de privilegios para acceder a (1) una secuencia o (2) objetos de variables globales, permite a usuarios autenticados remotamente usar los datos mediante vectores no especificados. • ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT http://secunia.com/advisories/37759 http://www-01.ibm.com/support/docview.wss?uid=swg1IC62543 http://www-01.ibm.com/support/docview.wss?uid=swg1IC62583 http://www-01.ibm.com/support/docview.wss?uid=swg1IC64852 http://www-01.ibm.com/support/docview.wss?uid=swg21293566 http://www-01.ibm.com/support/docview.wss? • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 4.0EPSS: 0%CPEs: 7EXPL: 0

Unspecified vulnerability in the DRDA Services component in IBM DB2 9.5 before FP5 allows remote authenticated users to cause a denial of service (server trap) by calling a SQL stored procedure in unknown circumstances. Vulnerabilidad sin especificar en el componente DRDA Services en IBM DB2 v9.5 anterior a FP5, permite a usuarios autenticados remotamente provocar una denegación de servicio (trampa del servidor) mediante la llamada en extrañas circunstancias, a un procedimiento de almacenado SQL. • ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT http://secunia.com/advisories/37759 http://www-01.ibm.com/support/docview.wss?uid=swg1IC64298 http://www-01.ibm.com/support/docview.wss?uid=swg21293566 http://www-01.ibm.com/support/docview.wss?uid=swg21412902 http://www.securityfocus.com/bid/37332 http://www.vupen.com/english/advisories/2009/3520 •