CVSS: 6.8EPSS: 0%CPEs: 12EXPL: 0CVE-2005-4739
https://notcve.org/view.php?id=CVE-2005-4739
31 Dec 2005 — IBM DB2 Universal Database (UDB) 820 before version 8 FixPak 10 (s050811) allows remote authenticated users to cause a denial of service (application crash) by using a table function for an instance of snapshot_tbreorg, which triggers a trap in sqlnr_EStoE_action. • http://secunia.com/advisories/17031 •
CVSS: 6.5EPSS: 0%CPEs: 12EXPL: 0CVE-2005-4740
https://notcve.org/view.php?id=CVE-2005-4740
31 Dec 2005 — IBM DB2 Universal Database (UDB) 810 before version 8 FixPak 10 allows remote authenticated users to cause a denial of service (db2jd service crash) by "connecting from a downlevel client." • http://secunia.com/advisories/17031 •
CVSS: 9.8EPSS: 0%CPEs: 14EXPL: 0CVE-2005-3643
https://notcve.org/view.php?id=CVE-2005-3643
16 Nov 2005 — IBM DB2 Database server running on Windows XP with Simple File Sharing enabled, allows remote attackers to bypass authentication and log on to the guest account without supplying a password. • http://www.ngssoftware.com/papers/database-on-xp.pdf •
CVSS: 10.0EPSS: 0%CPEs: 7EXPL: 0CVE-2005-0417
https://notcve.org/view.php?id=CVE-2005-0417
14 Feb 2005 — Unknown "high risk" vulnerability in DB2 Universal Database 8.1 and earlier has unknown impact and attack vectors. NOTE: due to the delayed disclosure of details for this issue, this candidate may be SPLIT in the future. In addition, this may be a duplicate of other issues as reported by the vendor. Vulnerabilidad desconocida de "alto riesgo" en DB2 Universal Database 8.1 y anteriores con impacto y vectores de ataque desconocidos. • http://marc.info/?l=bugtraq&m=110801212422825&w=2 •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2004-1372
https://notcve.org/view.php?id=CVE-2004-1372
01 Sep 2004 — Multiple stack-based buffer overflows in IBM DB2 7.x and 8.1 allow local users to execute arbitrary code via (1) a long third argument to the rec2xml function or (2) a long filename argument to the generate_distfile procedure. • http://marc.info/?l=bugtraq&m=110382462924162&w=2 •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2002-1583
https://notcve.org/view.php?id=CVE-2002-1583
20 Aug 2004 — Buffer overflow in sqllib/security/db2ckpw for IBM DB2 Universal Database 6.0 and 7.0 allows local users to execute arbitrary code via a long username that is read from a file descriptor argument. Desbordamiento de búfer en sqllib/security/db2ckpw de IBM DB2 Universal Database 6.0 y 7.0 permite a usuarios locales ejecutar código de su elección mediante un nombre de usuario largo que se lee de un argumento de descriptor de fichero. • http://www.iss.net/security_center/static/9078.php •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2003-1049
https://notcve.org/view.php?id=CVE-2003-1049
20 Aug 2004 — IBM DB2 Universal Database 7 before FixPak 12 creates certain DMS directories with insecure permissions (777), which allows local users to modify or delete certain DB2 files. IBM DB2 Universal Database 7 antes de FixPak 12 crea ciertos directorios DMS con permisos inseguros (777), lo que permite a usuarios locales modificar o borrar ciertos ficheros DB2. • http://www-1.ibm.com/support/search.wss?rs=0&q=IY44841&apar=only •
CVSS: 9.8EPSS: 0%CPEs: 8EXPL: 3CVE-2003-1052 – IBM DB2 - Shared Library Injection
https://notcve.org/view.php?id=CVE-2003-1052
20 Aug 2004 — IBM DB2 7.1 and 8.1 allow the bin user to gain root privileges by modifying the shared libraries that are used in setuid root programs. IBM DB2 7.1 y 8.1 permite al usuario bin ganar privilegios de root modificando las librerías compartidas usadas por programas con setuid de root. • https://www.exploit-db.com/exploits/22989 •
CVSS: 7.8EPSS: 1%CPEs: 2EXPL: 1CVE-2003-0898 – IBM DB2 db2job - File Overwrite
https://notcve.org/view.php?id=CVE-2003-0898
28 Oct 2003 — IBM DB2 7.2 before FixPak 10a, and earlier versions including 7.1, allows local users to overwrite arbitrary files and gain privileges via a symlink attack on (1) db2job and (2) db2job2. IBM DB2 anteriores a FixPak 10a, y versiones anteriores incluyendo la 7.1, permite a usuarios locales sobreescribir ficheros arbitrarios y ganar privilegios mediante un ataque de enlaces simbólicos sobre d2job o db2job2. • https://www.exploit-db.com/exploits/22988 •
CVSS: 9.8EPSS: 1%CPEs: 2EXPL: 0CVE-2003-0836
https://notcve.org/view.php?id=CVE-2003-0836
08 Oct 2003 — Stack-based buffer overflow in IBM DB2 Universal Data Base 7.2 before Fixpak 10 and 10a, and 8.1 before Fixpak 2, allows attackers with "Connect" privileges to execute arbitrary code via a LOAD command. Desbordamiento de búfer basado en la pila en IBM DB2 Universal Data Base 7.2 anteriores a Fixpak 10 y 10a, y 8.1 anteriores a Fixpak 2 permite a atacantes con privilegios "connect" ejecutar código arbitrario mediante un comando LOAD. • https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-2003-0836 •