NotCVE - vendor:"Ibm" product:"Db2" version:" <= 9.1"

Page 5 of 67 results (0.006 seconds)

CVSS: 5.0EPSS: 0%CPEs: 27EXPL: 0

CVE-2010-3195

https://notcve.org/view.php?id=CVE-2010-3195

Unspecified vulnerability in IBM DB2 9.1 before FP9, 9.5 before FP6, and 9.7 before FP2 on Windows Server 2008 allows attackers to cause a denial of service (trap) via vectors involving "special group and user enumeration." Vulnerabilidad sin especificar en IBM DB2 v9.1 anterior a FP9, v9.5 anterior a FP6, y v9.7 anterior a FP2 en Windows Server 2008 permite a atacantes remotos provocar una denegación de servicio (trampa) a través de vectores involucrados "Grupo especial y enumeración de usuarios" ("special group and user enumeration"). • ftp://public.dhe.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT http://secunia.com/advisories/41218 http://www-01.ibm.com/support/docview.wss?uid=swg1IC66099 http://www-01.ibm.com/support/docview.wss?uid=swg1IC66642 http://www-01.ibm.com/support/docview.wss?uid=swg1IC66643 http://www-01.ibm.com/support/docview.wss?uid=swg21426108 http://www-01.ibm.com/support/docview.wss? •

CVSS: 4.0EPSS: 3%CPEs: 12EXPL: 0

CVE-2010-1560

https://notcve.org/view.php?id=CVE-2010-1560

Buffer overflow in the REPEAT function in IBM DB2 9.1 before FP9 allows remote authenticated users to cause a denial of service (trap) via unspecified vectors. NOTE: this might overlap CVE-2010-0462. Un desbordamiento de búfer en la función REPEAT en DB2 de IBM versión 9.1 anterior a FP9, permite a los usuarios autenticados remotos causar una denegación de servicio (trampa) por medio de vectores no especificados. NOTA: esto podría solaparse al CVE-2010-0462. • http://attrition.org/pipermail/vim/2010-April/002341.html http://osvdb.org/64041 http://secunia.com/advisories/39500 http://www-01.ibm.com/support/docview.wss?uid=swg1IC65922 http://www-01.ibm.com/support/docview.wss?uid=swg21426108 http://www.vupen.com/english/advisories/2010/0982 https://exchange.xforce.ibmcloud.com/vulnerabilities/58070 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14613 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 6.5EPSS: 11%CPEs: 26EXPL: 3

CVE-2010-0462 – IBM DB2 - 'REPEAT()' Local Heap Buffer Overflow

https://notcve.org/view.php?id=CVE-2010-0462

Heap-based buffer overflow in IBM DB2 9.1 before FP9, 9.5 before FP6, and 9.7 before FP2 allows remote authenticated users to have an unspecified impact via a SELECT statement that has a long column name generated with the REPEAT function. Un desbordamiento de búfer en la región heap de la memoria en DB2 de IBM versión 9.1 anterior a FP9, versión 9.5 anterior a FP6 y versión 9.7 anterior a FP2, permite a los usuarios autenticados remotos tener un impacto no especificado por medio de una declaración SELECT que presenta un nombre de columna largo generado con la función REPEAT. • https://www.exploit-db.com/exploits/33572 ftp://public.dhe.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT http://intevydis.blogspot.com/2010/01/ibm-db2-97-heap-overflow.html http://securitytracker.com/id?1023509 http://www-01.ibm.com/support/docview.wss?uid=swg1IC65922 http://www-01.ibm.com/support/docview.wss?uid=swg1IC65933 http://www-01.ibm.com/support/docview.wss?uid=swg1IC65935 http://www-01.ibm.com/support/docview.wss? • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 6.5EPSS: 0%CPEs: 19EXPL: 0

CVE-2009-4438

https://notcve.org/view.php?id=CVE-2009-4438

The Query Compiler, Rewrite, and Optimizer component in IBM DB2 9.1 before FP8, 9.5 before FP5, and 9.7 before FP1 does not enforce privilege requirements for access to a (1) sequence or (2) global-variable object, which allows remote authenticated users to make use of data via unspecified vectors. El componente Query Compiler, Rewrite, and Optimizer en IBM DB2 v9.1 anteriores a FP8, v9.5 anteriores a FP5, v9.7 anteriores a FP1 no refuerza los requisitos de privilegios para acceder a (1) una secuencia o (2) objetos de variables globales, permite a usuarios autenticados remotamente usar los datos mediante vectores no especificados. • ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT http://secunia.com/advisories/37759 http://www-01.ibm.com/support/docview.wss?uid=swg1IC62543 http://www-01.ibm.com/support/docview.wss?uid=swg1IC62583 http://www-01.ibm.com/support/docview.wss?uid=swg1IC64852 http://www-01.ibm.com/support/docview.wss?uid=swg21293566 http://www-01.ibm.com/support/docview.wss? • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 6.4EPSS: 0%CPEs: 37EXPL: 2

CVE-2009-4325

https://notcve.org/view.php?id=CVE-2009-4325

The Client Interfaces component in IBM DB2 8.2 before FP18, 9.1 before FP8, 9.5 before FP5, and 9.7 before FP1 does not validate an unspecified pointer, which allows attackers to overwrite "external memory" via unknown vectors, related to a missing "check for null pointers." El componente Client Interfaces en IBM DB2 v8.2 anterior a FP18, v9.1 anterior a FP8, v9.5 anterior a FP5 y v9.7 anterior a FP1, no valida adecuadamente un puntero no especificado, lo que permite a atacantes sobrescribir la memoria externa a través de vectores desconocidos. Relacionado con la pérdida de "comprobación de punteros nulos". • ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v91/APARLIST.TXT ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v97/APARLIST.TXT http://secunia.com/advisories/37759 http://www-01.ibm.com/support/docview.wss?uid=swg1IC64702 http://www-01 • CWE-20: Improper Input Validation •

1...3 4 5 6 7